urlscan.io logo urlscan.io
SecurityTrails logo

www.oann.com Open in urlscan Pro
2600:1f1c:adc:8702:a95e:4e18:d5c4:5ec8  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-j...
Submission: On November 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 164 IPs in 14 countries across 148 domains to perform 977 HTTP transactions. The main IP is 2600:1f1c:adc:8702:a95e:4e18:d5c4:5ec8, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is www.oann.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2020. Valid for: 2 years.
This is the only time www.oann.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2600:1f1c:adc... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
22 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... ()
2 2a03:2880:f02... 32934 (FACEBOOK)
7 142.250.185.130 15169 (GOOGLE)
2 143.204.101.81 16509 (AMAZON-02)
13 192.229.233.25 15133 (EDGECAST)
1 52.219.112.161 16509 (AMAZON-02)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.218.197.161 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
3 199.232.192.134 54113 (FASTLY)
2 2600:9000:223... 16509 (AMAZON-02)
17 172.66.41.9 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
35 2600:9000:224... 16509 (AMAZON-02)
9 151.101.128.134 54113 (FASTLY)
7 104.154.142.214 15169 (GOOGLE)
1 199.232.196.64 54113 (FASTLY)
3 199.232.196.134 54113 (FASTLY)
1 5 208.100.17.186 32748 (STEADFAST)
4 44 2.21.141.232 16625 (AKAMAI-AS)
14 51.89.9.251 16276 (OVH)
4 4 185.64.190.79 62713 (AS-PUBMATIC)
20 24 142.250.185.162 15169 (GOOGLE)
2 23 185.64.190.80 62713 (AS-PUBMATIC)
2 6 198.47.127.20 3257 (GTT-BACKB...)
18 31 37.252.173.215 29990 (ASN-APPNEX)
2 12 34.98.64.218 15169 (GOOGLE)
12 19 18.156.0.31 16509 (AMAZON-02)
18 22 213.19.147.44 3356 (LEVEL3)
8 15 52.223.40.198 16509 (AMAZON-02)
1 1 70.42.32.63 22075 (AS-OUTBRAIN)
15 178.162.133.149 60781 (LEASEWEB-...)
1 54.77.45.99 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
5 5 54.93.162.63 16509 (AMAZON-02)
2 38.27.122.101 174 (COGENT-174)
2 6 216.52.2.19 30282 (AS-INAPCD...)
3 3 198.8.71.129 54312 (ROCKETFUEL)
3 208.100.17.177 32748 (STEADFAST)
9 68.183.31.14 14061 (DIGITALOC...)
2 49 151.101.193.44 54113 (FASTLY)
1 2 52.46.130.91 16509 (AMAZON-02)
5 10 37.157.5.142 198622 (ADFORM)
23 28 18.193.90.196 16509 (AMAZON-02)
1 2 54.174.249.39 14618 (AMAZON-AES)
1 3 13.32.121.17 16509 (AMAZON-02)
3 104.244.42.72 13414 (TWITTER)
1 3 3.120.154.132 16509 (AMAZON-02)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
1 6 54.36.109.48 16276 (OVH)
3 7 37.252.173.22 29990 (ASN-APPNEX)
3 82.145.213.8 39832 (NO-OPERA)
4 132.226.41.106 31898 (ORACLE-BM...)
3 157.245.94.128 14061 (DIGITALOC...)
2 178.162.133.150 60781 (LEASEWEB-...)
2 34.149.20.76 15169 (GOOGLE)
2 35.158.25.241 16509 (AMAZON-02)
2 2602:803:c003... 26667 (RUBICONPR...)
6 185.86.139.95 201081 (SMARTADSE...)
2 34.107.148.139 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 185.239.173.210 55081 (24SHELLS)
2 213.19.147.42 3356 (LEVEL3)
1 1 204.62.13.72 46636 (NATCOWEB)
5 141.226.228.48 200478 (TABOOLA-AS)
2 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.125 35220 (SPOTX-AMS)
11 2a0c:5c81:514... 55081 (24SHELLS)
3 2606:2800:134... 15133 (EDGECAST)
11 2.18.235.93 16625 (AKAMAI-AS)
1 2.16.186.66 20940 (AKAMAI-ASN1)
4 2.21.140.74 16625 (AKAMAI-AS)
3 37.252.172.250 29990 (ASN-APPNEX)
1 151.101.193.108 54113 (FASTLY)
3 2600:9000:225... 16509 (AMAZON-02)
6 2a0c:5c81:513... 55081 (24SHELLS)
1 19 46.249.52.248 50673 (SERVERIUS-AS)
11 11 23.37.42.132 16625 (AKAMAI-AS)
28 104.92.74.8 16625 (AKAMAI-AS)
3 2.21.141.148 16625 (AKAMAI-AS)
6 130.211.115.4 15169 (GOOGLE)
6 8 66.155.71.149 13768 (COGECO-PEER1)
22 5.178.65.245 50673 (SERVERIUS-AS)
24 5.178.65.252 50673 (SERVERIUS-AS)
4 5 35.227.252.103 15169 (GOOGLE)
5 16 34.206.28.97 14618 (AMAZON-AES)
5 12 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 13 162.55.233.29 24940 (HETZNER-AS)
6 6 88.214.206.142 46636 (NATCOWEB)
15 2.21.141.175 16625 (AKAMAI-AS)
1 2.16.186.43 20940 (AKAMAI-ASN1)
9 2600:9000:224... 16509 (AMAZON-02)
2 5 37.157.4.28 198622 (ADFORM)
6 89.187.169.47 60068 (CDN77 ^_^)
6 69.173.144.165 26667 (RUBICONPR...)
2 152.199.22.191 15133 (EDGECAST)
2 104.17.120.107 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
29 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
6 10 151.101.130.49 54113 (FASTLY)
2 6 2a05:d018:d29... 16509 (AMAZON-02)
3 35.244.174.68 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 1 18.66.112.87 16509 (AMAZON-02)
2 4 198.47.127.19 62713 (AS-PUBMATIC)
9 9 185.29.134.244 30419 (MEDIAMATH...)
6 13.225.78.128 16509 (AMAZON-02)
20 2606:4700:10:... 13335 (CLOUDFLAR...)
1 31 35.157.138.20 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 7 52.212.206.16 16509 (AMAZON-02)
3 5 52.214.44.171 16509 (AMAZON-02)
2 2 54.87.192.123 14618 (AMAZON-AES)
4 6 35.227.248.159 15169 (GOOGLE)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
3 3 185.86.137.131 201081 (SMARTADSE...)
3 14 52.17.84.146 16509 (AMAZON-02)
1 2 212.82.100.182 34010 (YAHOO-IRD)
1 34.98.67.61 15169 (GOOGLE)
3 34.251.73.26 16509 (AMAZON-02)
1 1 54.217.170.69 16509 (AMAZON-02)
1 1 3.223.81.219 14618 (AMAZON-AES)
1 2 52.94.222.140 16509 (AMAZON-02)
2 3 104.111.215.191 16625 (AKAMAI-AS)
6 6 34.240.234.119 16509 (AMAZON-02)
6 18 188.132.147.235 42910 (PREMIERDC...)
2 2 213.155.156.182 1299 (TWELVE99 ...)
2 3 178.250.0.163 44788 (ASN-CRITE...)
1 1 162.55.6.210 24940 (HETZNER-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 173.231.180.197 29791 (VOXEL-DOT...)
4 4 87.98.242.60 16276 (OVH)
1 1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 38.91.45.7 398989 (DEEPINTENT)
3 3 146.59.148.16 16276 (OVH)
7 14 169.50.137.182 36351 (SOFTLAYER)
1 1 51.75.146.160 16276 (OVH)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
1 54.228.52.99 16509 (AMAZON-02)
6 51.15.145.115 12876 (Online SAS)
3 3 18.184.122.71 16509 (AMAZON-02)
6 35.241.40.233 15169 (GOOGLE)
2 135.125.160.160 16276 (OVH)
1 192.132.33.46 18568 (BIDTELLECT)
4 4 3.125.99.7 16509 (AMAZON-02)
5 5 185.183.112.155 60350 (VP)
2 2 52.211.82.61 16509 (AMAZON-02)
1 3.216.236.90 14618 (AMAZON-AES)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 154.59.122.79 174 (COGENT-174)
1 1 18.210.180.232 14618 (AMAZON-AES)
1 1 52.4.244.165 14618 (AMAZON-AES)
1 1 52.86.199.207 14618 (AMAZON-AES)
1 1 35.186.193.173 15169 (GOOGLE)
1 2.18.234.233 16625 (AKAMAI-AS)
2 2 185.33.221.184 29990 (ASN-APPNEX)
2 2 52.17.35.107 16509 (AMAZON-02)
4 4 72.251.244.142 29791 (VOXEL-DOT...)
2 2 3.127.51.194 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.69.177.113 16509 (AMAZON-02)
1 205.234.175.175 30081 (CACHENETW...)
1 35.157.246.167 16509 (AMAZON-02)
1 54.77.47.243 16509 (AMAZON-02)
1 35.156.156.223 16509 (AMAZON-02)
4 2a00:1450:400... ()
2 2 23.111.200.118 ()
4 3.121.27.153 ()
1 2606:2800:220... ()
2 2 63.33.204.129 ()
1 12 2606:4700:10:... ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
1 2 77.243.60.138 ()
1 1 3.234.149.51 ()
1 2602:803:c003... ()
1 2606:4700:10:... ()
1 2a00:1450:400... ()
2 142.250.186.162 ()
1 104.111.218.85 ()
2 54.81.39.163 ()
6 2.18.233.201 ()
1 1 104.111.242.245 ()
1 104.22.34.177 ()
2 2 18.195.155.181 ()
1 1 89.163.211.233 ()
1 1 146.0.227.109 ()
1 1 2620:112:f002... ()
977 164
1    2600:1f1c:adc:8702:a95e:4e18:d5c4:5ec8 (San Jose, United States)

ASN16509 (AMAZON-02, US)
www.oann.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2600:9000:223c:9800:9:da2a:f240:21 (United States)

ASN16509 (AMAZON-02, US)
dzm0ugdauank9.cloudfront.net
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:214f:fe00:1:a3fa:7cc0:93a1 (United States)

ASN- ()
content.jwplatform.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    143.204.101.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-81.fra50.r.cloudfront.net
d2pggiv3o55wnc.cloudfront.net
13    192.229.233.25 (Playa Vista, United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    52.219.112.161 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com
hnwebcontent.s3-us-west-1.amazonaws.com
16    2606:4700:20::681a:a9c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    2606:4700:20::ac43:46b8 (United States)

ASN13335 (CLOUDFLARENET, US)
www.privacypolicies.com
1    52.218.197.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
oann-push.s3-us-west-2.amazonaws.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::681a:5da (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.poll-maker.com
11    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
oann.disqus.com
2    2600:9000:223c:9200:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
17    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
12    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
www.googletagservices.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d75550029ba183372abcd49096ced8df.safeframe.googlesyndication.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:9000:225e:5200:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
35    2600:9000:224a:2200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
9    151.101.128.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
7    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    199.232.196.64 (United States)

ASN54113 (FASTLY, US)
tempest.services.disqus.com
3    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
referrer.disqus.com
5    208.100.17.186 (United States)

ASN32748 (STEADFAST, US)
PTR: ip186.208-100-17.static.steadfastdns.net
de.tynt.com
ic.tynt.com
44    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
14    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
24    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
23    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
6    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
31    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
12    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
pixfuture2-d.openx.net
eu-u.openx.net
us-u.openx.net
19    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
22    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
15    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
15    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    54.77.45.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-45-99.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
5    54.93.162.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
6    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    198.8.71.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    208.100.17.177 (United States)

ASN32748 (STEADFAST, US)
PTR: ip177.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
9    68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
49    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
c3.taboola.com
wf.taboola.com
match.taboola.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
10    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
28    18.193.90.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.174.249.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com
um2.eqads.com
3    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    3.120.154.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-154-132.eu-central-1.compute.amazonaws.com
aa.agkn.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com
id5-sync.com
7    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
s.adx.opera.com
4    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
pixfuture.technoratimedia.com
3    157.245.94.128 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
2    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    185.239.173.210 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
pixfuture-inv-nyc.admixer.net
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
2    2600:1f18:612b:4232:542e:84b1:1361:c28e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
11    2a0c:5c81:5147::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ads57.adtelligent.com
3    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
11    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
c21lg-d.media.net
1    2.16.186.66 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-66.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    2.21.140.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
3    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    2600:9000:2250:ce00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
6    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
s.adtelligent.com
19    46.249.52.248 (Aalsmeer, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
11    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
28    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com
acdn.adnxs.com
6    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
8    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
22    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
24    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
16    34.206.28.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-28-97.compute-1.amazonaws.com
a.audrte.com
12    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
13    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
6    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
15    2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.16.186.43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-43.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
9    2600:9000:224a:8600:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
5    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
6    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
2    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
2    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
29    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
10    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    2a05:d018:d29:3605:dc78:e42b:b41a:32a0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.66.112.87 (United States)

ASN16509 (AMAZON-02, US)
cm.smadex.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net
tags.crwdcntrl.net
20    2606:4700:10::6816:397e (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
31    35.157.138.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
7    52.212.206.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-206-16.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
5    52.214.44.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2600:1f18:6593:f606:b0c3:6468:eab1:934c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:2591:850:d183:b9b4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
3    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
14    52.17.84.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    34.251.73.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-73-26.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    54.217.170.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-170-69.eu-west-1.compute.amazonaws.com
engine.widespace.com
1    3.223.81.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-81-219.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
6    34.240.234.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-234-119.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
18    188.132.147.235 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-235-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
2    213.155.156.182 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    162.55.6.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de
csync.loopme.me
2    2606:4700:3039::6815:c057 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
4    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
14    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    51.75.146.160 (France)

ASN16276 (OVH, FR)
PTR: de03.roqad.pl
ws.rqtrk.eu
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    54.228.52.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
6    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu
js.cookieless-data.com
3    18.184.122.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-122-71.eu-central-1.compute.amazonaws.com
match.sharethrough.com
6    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
4    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    52.211.82.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-82-61.eu-west-1.compute.amazonaws.com
d.adroll.com
1    3.216.236.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-236-90.compute-1.amazonaws.com
rtb.adentifi.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    18.210.180.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-180-232.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    52.4.244.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-244-165.compute-1.amazonaws.com
sync.extend.tv
1    52.86.199.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-199-207.compute-1.amazonaws.com
nep.advangelists.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
1    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    185.33.221.184 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 882.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
2    52.17.35.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-35-107.eu-west-1.compute.amazonaws.com
r.scoota.co
4    72.251.244.142 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
2    3.127.51.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-51-194.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    3.69.177.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-177-113.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
1    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    35.156.156.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
4    2a00:1450:4001:802::2001 (None, )

ASN- ()
tpc.googlesyndication.com
2    23.111.200.118 (None, )

ASN- ()
ads.betweendigital.com
4    3.121.27.153 (None, )

ASN- ()
ps.eyeota.net
1    2606:2800:220:1:248:1893:25c8:1946 (None, )

ASN- ()
www.example.com
2    63.33.204.129 (None, )

ASN- ()
ads.avct.cloud
12    2606:4700:10::6816:118d (None, )

ASN- ()
api.retargetly.com
app.retargetly.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    3.234.149.51 (None, )

ASN- ()
sync.ipredictive.com
1    2602:803:c003:200::27 (None, )

ASN- ()
beacon-ams3.rubiconproject.com
1    2606:4700:10::6816:4acb (None, )

ASN- ()
resources-rt.idx.lat
1    2a00:1450:4001:82b::2006 (None, )

ASN- ()
s0.2mdn.net
2    142.250.186.162 (None, )

ASN- ()
googleads4.g.doubleclick.net
1    104.111.218.85 (None, )

ASN- ()
ad.yieldlab.net
2    54.81.39.163 (None, )

ASN- ()
rt.idx.lat
6    2.18.233.201 (None, )

ASN- ()
pixel.mathtag.com
1    104.111.242.245 (None, )

ASN- ()
sync.teads.tv
1    104.22.34.177 (None, )

ASN- ()
ads01.groovinads.com
2    18.195.155.181 (None, )

ASN- ()
cs.emxdgt.com
1    89.163.211.233 (None, )

ASN- ()
brain.rvty.net
1    146.0.227.109 (None, )

ASN- ()
inv-nets.admixer.net
1    2620:112:f002:bbbb::23 (None, )

ASN- ()
d.turn.com
Apex Domain
Subdomains		 Transfer
66 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
i.e-planning.net
110 KB
56 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
c3.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
pips.taboola.com
cds.taboola.com
match.taboola.com
am-wf.taboola.com
2 MB
55 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
106 KB
53 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
prebid-server.rubiconproject.com
beacon-ams3.rubiconproject.com
159 KB
47 adnxs.com
ib.adnxs.com
secure.adnxs.com
fra1-ib.adnxs.com
cdn.adnxs.com
acdn.adnxs.com
adscale-emea.adnxs.com
111 KB
44 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
72 KB
41 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
255 KB
40 adscale.de
js.adscale.de
ih.adscale.de
47 KB
35 disquscdn.com
c.disquscdn.com
914 KB
29 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
10 KB
29 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
cms.analytics.yahoo.com
c2shb.ssp.yahoo.com
11 KB
28 bidswitch.net
x.bidswitch.net
11 KB
28 pixfuture.com
cdn.pixfuture.com
served-by.pixfuture.com
prebidserver.pixfuture.com
4 MB
24 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
ads4.admatic.com.tr
64 KB
24 cloudfront.net
dzm0ugdauank9.cloudfront.net
d2pggiv3o55wnc.cloudfront.net
927 KB
20 quantumdex.io
sync.quantumdex.io
5 KB
20 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
76 KB
17 media.net
prebid.media.net
contextual.media.net
warp.media.net
lg3.media.net
hblg.media.net
c21lg-d.media.net
172 KB
17 sonobi.com
sync.go.sonobi.com
apex.go.sonobi.com
9 KB
17 openx.net
u.openx.net
pixfuture2-d.openx.net
rtb.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
17 googlesyndication.com
pagead2.googlesyndication.com
d75550029ba183372abcd49096ced8df.safeframe.googlesyndication.com
tpc.googlesyndication.com
274 KB
17 infolinks.com
resources.infolinks.com
router.infolinks.com
147 KB
16 audrte.com
a.audrte.com
19 KB
16 adtelligent.com
ghb.adtelligent.com
ads57.adtelligent.com
aux-log2-ah.adtelligent.com Failed
sync.adtelligent.com Failed
s.adtelligent.com
24 KB
16 disqus.com
oann.disqus.com
disqus.com
tempest.services.disqus.com
referrer.disqus.com
123 KB
16 twitter.com
platform.twitter.com
syndication.twitter.com
440 KB
15 mathtag.com
sync.mathtag.com
pixel.mathtag.com
10 KB
15 adform.net
c1.adform.net
cm.adform.net
dmp.adform.net
track.adform.net
5 KB
15 adsrvr.org
match.adsrvr.org
6 KB
14 simpli.fi
um.simpli.fi
5 KB
14 1rx.io
sync.1rx.io
tag.1rx.io
7 KB
14 onetag-sys.com
onetag-sys.com
11 KB
13 richaudience.com
sync.richaudience.com
3 KB
12 retargetly.com
api.retargetly.com
app.retargetly.com
11 KB
12 dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
2 KB
11 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
4 KB
11 gstatic.com
fonts.gstatic.com
242 KB
10 everesttech.net
sync-tm.everesttech.net
2 KB
10 unrulymedia.com
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
3 KB
9 ad-score.com
js.ad-score.com
data.ad-score.com
117 KB
9 smartadserver.com
prg.smartadserver.com
sync.smartadserver.com
5 KB
8 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
2 KB
7 bidr.io
match.prod.bidr.io
3 KB
7 lockerdome.com
lockerdome.com
7 KB
6 brand-display.com
dmp.brand-display.com
962 B
6 cookieless-data.com
js.cookieless-data.com
3 KB
6 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
1 KB
6 tapad.com
pixel.tapad.com
3 KB
6 admanmedia.com
cs.admanmedia.com
3 KB
6 technoratimedia.com
pixfuture.technoratimedia.com
ad-cdn.technoratimedia.com
12 KB
6 id5-sync.com
id5-sync.com
7 KB
6 lijit.com
ap.lijit.com
2 KB
6 advertising.com
pixel.advertising.com
ads.adaptv.advertising.com
2 KB
5 adotmob.com
sync.adotmob.com
1 KB
5 demdex.net
dpm.demdex.net
3 KB
5 33across.com
ssc-cms.33across.com
ssc.33across.com
516 B
5 tynt.com
de.tynt.com
ic.tynt.com
710 B
5 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
126 KB
4 eyeota.net
ps.eyeota.net
3 KB
4 m6r.eu
tracking.m6r.eu
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 erne.co
green.erne.co
1018 B
4 krxd.net
beacon.krxd.net
usermatch.krxd.net
1 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 emxdgt.com
hb.emxdgt.com
cs.emxdgt.com
836 B
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
3 KB
4 google.com
adservice.google.com
www.google.com
2 KB
3 idx.lat
resources-rt.idx.lat
rt.idx.lat
8 KB
3 owneriq.net
px.owneriq.net
1 KB
3 sharethrough.com
match.sharethrough.com
550 B
3 onaudience.com
pixel.onaudience.com
1 KB
3 adgrx.com
cm.adgrx.com
1 KB
3 bluekai.com
tags.bluekai.com
961 B
3 adition.com
dsp.adfarm1.adition.com
2 KB
3 turn.com
ad.turn.com
d.turn.com
1 KB
3 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr Failed
3 KB
3 twimg.com
cdn.syndication.twimg.com
pbs.twimg.com
49 KB
3 opera.com
s.adx.opera.com
627 B
3 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com
idsync.rlcdn.com
3 agkn.com
aa.agkn.com
747 B
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 rfihub.com
p.rfihub.com
2 KB
3 google.de
adservice.google.de
www.google.de
1 KB
3 lockerdomecdn.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
28 KB
3 google-analytics.com
www.google-analytics.com
21 KB
3 onesignal.com
cdn.onesignal.com
onesignal.com
73 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 avct.cloud
ads.avct.cloud
888 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 scoota.co
r.scoota.co
1 KB
2 adroll.com
d.adroll.com
223 B
2 dyntrk.com
gu.dyntrk.com
430 B
2 gumgum.com
rtb.gumgum.com
g2.gumgum.com
1 KB
2 deepintent.com
match.deepintent.com
60 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 ad4m.at
ad4m.at
915 B
2 de17a.com
d5p.de17a.com
637 B
2 weborama.fr
idsync.frontend.weborama.fr
843 B
2 tidaltv.com
sync.tidaltv.com
791 B
2 stackadapt.com
sync.srv.stackadapt.com
896 B
2 brealtime.com
biddr.brealtime.com
2 KB
2 akamaihd.net
qsearch-a.akamaihd.net
res-a.akamaihd.net
25 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com
365 B
2 admixer.net
pixfuture-inv-nyc.admixer.net
inv-nets.admixer.net
1 KB
2 eqads.com
um2.eqads.com
563 B
2 googletagservices.com
www.googletagservices.com
73 KB
2 bnmla.com
match.bnmla.com
228 B
2 amazonaws.com
hnwebcontent.s3-us-west-1.amazonaws.com
oann-push.s3-us-west-2.amazonaws.com
3 KB
2 facebook.net
connect.facebook.net
83 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
62 KB
2 googletagmanager.com
www.googletagmanager.com
66 KB
1 rvty.net
brain.rvty.net
623 B
1 groovinads.com
ads01.groovinads.com
592 B
1 teads.tv
sync.teads.tv
202 B
1 yieldlab.net
ad.yieldlab.net
522 B
1 2mdn.net
s0.2mdn.net
23 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 example.com
www.example.com
1 googleadservices.com
partner.googleadservices.com
247 B
1 stickyadstv.com
ads.stickyadstv.com
725 B
1 ctnsnet.com
cm.ctnsnet.com
413 B
1 advangelists.com
nep.advangelists.com
233 B
1 extend.tv
sync.extend.tv
546 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
380 B
1 acuityplatform.com
ums.acuityplatform.com
637 B
1 adentifi.com
rtb.adentifi.com
88 B
1 bttrack.com
bttrack.com
380 B
1 playground.xyz
ads.playground.xyz
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 iprom.net
core.iprom.net
517 B
1 loopme.me
csync.loopme.me
185 B
1 widespace.com
engine.widespace.com
471 B
1 mookie1.com
odr.mookie1.com
324 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 smadex.com
cm.smadex.com
535 B
1 adkernel.com
dsp.adkernel.com
233 B
1 cpx.to
s.cpx.to
945 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 poll-maker.com
scripts.poll-maker.com
2 KB
1 privacypolicies.com
www.privacypolicies.com
45 KB
1 jwplatform.com
content.jwplatform.com
1 oann.com
www.oann.com
14 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
0 quantserve.com Failed
pixel.quantserve.com Failed
977 148
Domain Requested by
35 c.disquscdn.com oann.disqus.com
disqus.com
c.disquscdn.com
www.oann.com
31 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
31 ib.adnxs.com 18 redirects cdn.pixfuture.com
acdn.adnxs.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
28 eus.rubiconproject.com am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
ads.us.e-planning.net
s.adtelligent.com
cdn.pixfuture.com
www.oann.com
28 x.bidswitch.net 23 redirects ssum-sec.casalemedia.com
imprammp.taboola.com
am-match.taboola.com
ssum.casalemedia.com
24 s.e-planning.net ads.us.e-planning.net
24 cm.g.doubleclick.net 20 redirects eus.rubiconproject.com
eu-u.openx.net
bcp.crwdcntrl.net
22 mwzeom.zeotap.com spl.zeotap.com
ads.pubmatic.com
22 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
22 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
ssum.casalemedia.com
22 dzm0ugdauank9.cloudfront.net www.oann.com
20 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
20 images.taboola.com www.oann.com
vidstat.taboola.com
19 ups.analytics.yahoo.com 12 redirects ssum-sec.casalemedia.com
www.oann.com
ssum.casalemedia.com
16 simage2.pubmatic.com ads.pubmatic.com
16 a.audrte.com 5 redirects ads.us.e-planning.net
a.audrte.com
www.oann.com
ads.pubmatic.com
16 cdn.pixfuture.com www.oann.com
cdn.pixfuture.com
served-by.pixfuture.com
15 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
s.console.adtarget.com.tr
cdn.pixfuture.com
ads.pubmatic.com
15 sync.go.sonobi.com router.infolinks.com
ads.us.e-planning.net
sync.quantumdex.io
15 match.adsrvr.org 8 redirects ssum-sec.casalemedia.com
cdn.pixfuture.com
imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
eu-u.openx.net
bcp.crwdcntrl.net
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
14 um.simpli.fi 7 redirects ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
14 onetag-sys.com router.infolinks.com
ads57.adtelligent.com
cdn.pixfuture.com
ads.us.e-planning.net
sync.quantumdex.io
13 sync.richaudience.com 6 redirects ads.us.e-planning.net
spl.zeotap.com
13 platform.twitter.com www.oann.com
platform.twitter.com
12 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
12 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
12 sync.1rx.io 12 redirects
12 pagead2.googlesyndication.com www.googletagmanager.com
cdn.pixfuture.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.oann.com
googleads.g.doubleclick.net
11 secure-assets.rubiconproject.com 11 redirects
11 ads57.adtelligent.com www.oann.com
ads57.adtelligent.com
11 fonts.gstatic.com fonts.googleapis.com
10 sync-tm.everesttech.net 6 redirects ssum.casalemedia.com
9 sync.mathtag.com 9 redirects
9 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
9 served-by.pixfuture.com securepubads.g.doubleclick.net
cdn.pixfuture.com
pagead2.googlesyndication.com
9 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync.quantumdex.io
9 disqus.com oann.disqus.com
c.disquscdn.com
8 app.retargetly.com api.retargetly.com
www.oann.com
8 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
7 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
7 bcp.crwdcntrl.net 2 redirects ssum-sec.casalemedia.com
tags.crwdcntrl.net
api.retargetly.com
7 match.prod.bidr.io 3 redirects ssum.casalemedia.com
ads.pubmatic.com
eu-u.openx.net
7 spl.zeotap.com ads.us.e-planning.net
ads.pubmatic.com
7 ads.us.e-planning.net 1 redirects ads57.adtelligent.com
s.console.adtarget.com.tr
cdn.pixfuture.com
7 contextual.media.net ads57.adtelligent.com
contextual.media.net
www.oann.com
cdn.pixfuture.com
7 secure.adnxs.com 3 redirects cdn.pixfuture.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
7 c1.adform.net 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
ssum.casalemedia.com
7 cdn.taboola.com www.oann.com
cdn.taboola.com
7 image2.pubmatic.com 2 redirects ads.pubmatic.com
7 lockerdome.com cdn2.lockerdomecdn.com
www.oann.com
6 pixel.mathtag.com api.retargetly.com
pixel.mathtag.com
www.oann.com
6 ads4.admatic.com.tr 6 redirects
6 dmp.brand-display.com ssum.casalemedia.com
ssum-sec.casalemedia.com
6 js.cookieless-data.com s.e-planning.net
6 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 6 redirects
6 pixel.tapad.com 4 redirects spl.zeotap.com
api.retargetly.com
6 tags.crwdcntrl.net s.e-planning.net
6 pr-bh.ybp.yahoo.com 2 redirects ssum.casalemedia.com
ads.pubmatic.com
eu-u.openx.net
6 eu-u.openx.net cdn.pixfuture.com
eu-u.openx.net
6 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
6 cs.admanmedia.com 6 redirects
6 prebid-match.dotomi.com ads.us.e-planning.net
6 data.ad-score.com js.ad-score.com
6 prg.smartadserver.com cdn.pixfuture.com
6 id5-sync.com 1 redirects cdn.pixfuture.com
sync.quantumdex.io
www.oann.com
6 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
6 ap.lijit.com 2 redirects cdn.pixfuture.com
6 sync.targeting.unrulymedia.com 6 redirects
6 securepubads.g.doubleclick.net www.oann.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 sync.adotmob.com 5 redirects
5 dsum.casalemedia.com ssum.casalemedia.com
ssum-sec.casalemedia.com
5 casale-match.dotomi.com 5 redirects
5 dpm.demdex.net 3 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
5 pixel-sync.sitescout.com 3 redirects api.retargetly.com
bcp.crwdcntrl.net
5 pixel.rubiconproject.com eus.rubiconproject.com
5 rtb.openx.net 4 redirects eu-u.openx.net
5 trc.taboola.com 2 redirects cdn.taboola.com
spl.zeotap.com
5 pixel.advertising.com 5 redirects
5 stats.g.doubleclick.net www.google-analytics.com
lockerdome.com
4 api.retargetly.com 1 redirects s.e-planning.net
api.retargetly.com
4 ps.eyeota.net www.oann.com
4 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
4 tracking.m6r.eu 4 redirects
4 pm.w55c.net 4 redirects
4 usermatch.targeting.unrulymedia.com sync.quantumdex.io
4 green.erne.co 4 redirects
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 c21lg-d.media.net contextual.media.net
4 sync.search.spotxchange.com 4 redirects
4 pixfuture.technoratimedia.com cdn.pixfuture.com
4 mug.criteo.com www.oann.com
4 gum.criteo.com 2 redirects
4 image4.pubmatic.com 2 redirects ads.pubmatic.com
4 image8.pubmatic.com 4 redirects
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.oann.com
4 fonts.googleapis.com www.oann.com
cdn.pixfuture.com
client
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 match.sharethrough.com 3 redirects
3 pixel.onaudience.com 3 redirects
3 cm.adgrx.com ads.pubmatic.com
ssum.casalemedia.com
3 dis.criteo.com 2 redirects ads.pubmatic.com
3 tags.bluekai.com 2 redirects bcp.crwdcntrl.net
3 beacon.krxd.net spl.zeotap.com
bcp.crwdcntrl.net
3 sync.smartadserver.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 dmp.adform.net 2 redirects spl.zeotap.com
3 cm.adform.net s.console.adtarget.com.tr
googleads.g.doubleclick.net
3 pixel.sitescout.com 3 redirects
3 acdn.adnxs.com www.oann.com
cdn.pixfuture.com
3 s.adtelligent.com ads57.adtelligent.com
cdn.pixfuture.com
3 ic.tynt.com ads57.adtelligent.com
cdn.pixfuture.com
3 s.console.adtarget.com.tr ads57.adtelligent.com
cdn.pixfuture.com
3 js.ad-score.com ads57.adtelligent.com
js.ad-score.com
3 fra1-ib.adnxs.com ads57.adtelligent.com
www.oann.com
cdn.adnxs.com
3 imprammp.taboola.com www.oann.com
vidstat.taboola.com
3 prebidserver.pixfuture.com cdn.pixfuture.com
www.oann.com
3 s.adx.opera.com cdn.pixfuture.com
3 15.taboola.com cdn.taboola.com
3 aa.agkn.com 1 redirects cdn.pixfuture.com
3 syndication.twitter.com platform.twitter.com
www.oann.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.oann.com
3 ssc-cms.33across.com router.infolinks.com
cdn.pixfuture.com
3 p.rfihub.com 3 redirects
3 referrer.disqus.com www.oann.com
3 oann.disqus.com dzm0ugdauank9.cloudfront.net
oann.disqus.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cs.emxdgt.com 2 redirects
2 rt.idx.lat resources-rt.idx.lat
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 ads.avct.cloud 2 redirects
2 ads.betweendigital.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 r.scoota.co 2 redirects
2 track.adform.net 2 redirects
2 adscale-emea.adnxs.com 2 redirects
2 idsync.rlcdn.com ssum.casalemedia.com
ssum-sec.casalemedia.com
2 d.adroll.com 2 redirects
2 gu.dyntrk.com ssum.casalemedia.com
ssum-sec.casalemedia.com
2 match.deepintent.com ads.pubmatic.com
ssum.casalemedia.com
2 ad4m.at ads.pubmatic.com
ssum.casalemedia.com
2 d5p.de17a.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 cms.analytics.yahoo.com 1 redirects api.retargetly.com
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ad.turn.com 2 redirects
2 us-u.openx.net eu-u.openx.net
2 biddr.brealtime.com cdn.pixfuture.com
2 ad-cdn.technoratimedia.com cdn.pixfuture.com
2 pbs.twimg.com www.oann.com
2 lg3.media.net www.oann.com
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 c3.taboola.com www.oann.com
2 tag.1rx.io cdn.pixfuture.com
2 ghb.adtelligent.com cdn.pixfuture.com
2 hbopenbid.pubmatic.com cdn.pixfuture.com
2 prebid.media.net cdn.pixfuture.com
2 fastlane.rubiconproject.com cdn.pixfuture.com
2 hb.emxdgt.com cdn.pixfuture.com
2 ssc.33across.com cdn.pixfuture.com
2 apex.go.sonobi.com cdn.pixfuture.com
2 pixfuture2-d.openx.net cdn.pixfuture.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
2 match.bnmla.com router.infolinks.com
ads.pubmatic.com
2 u.openx.net 2 redirects
2 de.tynt.com 1 redirects router.infolinks.com
2 www.google.com www.oann.com
tpc.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 resources.infolinks.com www.googletagmanager.com
www.oann.com
2 cdn1.lockerdomecdn.com www.googletagmanager.com
cdn1.lockerdomecdn.com
2 cdn.onesignal.com www.oann.com
cdn.onesignal.com
2 d2pggiv3o55wnc.cloudfront.net www.oann.com
2 connect.facebook.net www.oann.com
connect.facebook.net
2 maxcdn.bootstrapcdn.com www.oann.com
maxcdn.bootstrapcdn.com
2 www.googletagmanager.com www.oann.com
1 d.turn.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 am-wf.taboola.com vidstat.taboola.com
1 brain.rvty.net 1 redirects
1 ads01.groovinads.com api.retargetly.com
1 sync.teads.tv 1 redirects
1 ad.yieldlab.net googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 resources-rt.idx.lat api.retargetly.com
1 beacon-ams3.rubiconproject.com www.oann.com
1 sync.ipredictive.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 www.example.com www.oann.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ads.adaptv.advertising.com cdn.pixfuture.com
1 g2.gumgum.com cdn.pixfuture.com
1 c2shb.ssp.yahoo.com cdn.pixfuture.com
1 i.e-planning.net cdn.pixfuture.com
1 prebid-server.rubiconproject.com cdn.pixfuture.com
1 imasdk.googleapis.com cdn.pixfuture.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 nep.advangelists.com 1 redirects
1 sync.extend.tv 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 bttrack.com ssum.casalemedia.com
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 match.taboola.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net 1 redirects
1 csync.loopme.me 1 redirects
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cm.smadex.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 pips.taboola.com cdn.taboola.com
1 res-a.akamaihd.net www.oann.com
1 hblg.media.net www.oann.com
1 cdn.adnxs.com ads57.adtelligent.com
1 warp.media.net ads57.adtelligent.com
1 qsearch-a.akamaihd.net ads57.adtelligent.com
1 cdn.syndication.twimg.com platform.twitter.com
1 am-vid-events.taboola.com www.oann.com
1 am-match.taboola.com vidstat.taboola.com
1 pixfuture-inv-nyc.admixer.net 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 b1sync.zemanta.com 1 redirects
1 tempest.services.disqus.com oann.disqus.com
1 cdn2.lockerdomecdn.com cdn1.lockerdomecdn.com
1 www.google.de www.oann.com
1 d75550029ba183372abcd49096ced8df.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 onesignal.com cdn.onesignal.com
1 scripts.poll-maker.com www.oann.com
1 oann-push.s3-us-west-2.amazonaws.com www.oann.com
1 www.privacypolicies.com www.oann.com
1 hnwebcontent.s3-us-west-1.amazonaws.com www.oann.com
1 content.jwplatform.com www.oann.com
1 www.oann.com
0 global.ib-ibi.com Failed bcp.crwdcntrl.net
0 pixel.quantserve.com Failed eu-u.openx.net
ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
ads.us.e-planning.net
js.adscale.de
0 sync.adtelligent.com Failed ads57.adtelligent.com
www.oann.com
s.adtelligent.com
cdn.pixfuture.com
ads.us.e-planning.net
0 aux-log2-ah.adtelligent.com Failed ads57.adtelligent.com
0 api.rlcdn.com Failed cdn.pixfuture.com
977 264

This site contains links to these domains. Also see Links.

Domain
store.oann.com
www.klowdtv.com
pbs.twimg.com
www.facebook.com
www.pixfuture.com
lockerdome.com
Subject Issuer Validity Valid
www.herringnetwork.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-17 -
2022-10-19		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
jwplayer.com
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-21 -
2021-11-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.s3-us-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
privacypolicies.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-03-26 -
2022-03-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.lockerdomecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
a.disquscdn.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-26 -
2022-05-28		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2019-12-03 -
2021-12-02		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
ads57.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-10 -
2022-01-08		 3 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.e-planning.net
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
ads4.admatic.com.tr
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
js.cookieless-data.com
R3		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.dyntrk.com
R3		 2021-10-23 -
2022-01-21		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-10-18 -
2022-04-26		 6 months crt.sh
*.eyeota.net
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
www.example.org
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-24 -
2021-12-25		 a year crt.sh
*.retargetly.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2021-12-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
idx.lat
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.groovinads.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-01 -
2022-03-03		 a year crt.sh

This page contains 195 frames:

Primary Page: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Frame ID: 53E1E1EB2AC603C1B125E70772D7CCF0
Requests: 141 HTTP requests in this frame

Frame: https://d75550029ba183372abcd49096ced8df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4F73A4329546869C9C58749CA5915FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 0FC53583E586C7F72905BCC7C5F5B6D4
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13804039184004198?pubid=ld-13804039184004198&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=374
Frame ID: F4E490FFACF72C214662A2F65080963E
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13247072555993446?pubid=ld-13247072555993446&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Frame ID: 71263E7524270CAF7D33F9D026E4E6B9
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13247071683578214?pubid=ld-13247071683578214&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Frame ID: F33FAAF3D7D950918E5BBFFDDD3387E4
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Frame ID: B85EF3227BF960DF0A01FE04BA372552
Requests: 17 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
Frame ID: 2DCF7983C37C34DDC7A55A0341E10B33
Requests: 27 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 07F5DAD9925672DFE3DEBE347CA19E1F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 8394271225F5A5F8061BC4E7C5E07B89
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 5BF801C8432509670C7FD1FD11203862
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukY8RXlZ8O1lkullNR9e_xj_CXZ5vklpWmop_tNhdc7HlC1VFmfk8QCUjgKJhGsS1gb3r7woplSCxGT-cvd7PE2BP8keyJjGwjjR2yWBL2t5OTEeKwT8OVaYdH7-8qZazUcudCw4xm6XOI3Ceto0JEtGD9A7rP8fjPTxSbD6vzhGFytylOonuj4WmCS4Vm8mTFSgVg1loOeX_0pmMDOC-F-dYaX29GAEfFs1GwY9bvR90q2h29t1QYSj88ciKcJGyikAWH6ipKKaYdfYRGUICRseuPX7vzOFGjx09kQf6FernoJrR-mnZHNF9rk_A&sai=AMfl-YT5bPz0suOTa4Qn6bfPa2C6EGd9fmOSdB8MDHz_tVlnhgXpUHzE5pUrn41ew01B_b9J7BmT4omCIeQYVl6EmkoQtTDKouAGASS18b2ekWJuNUZnjHuKmofCFnDitMU&sig=Cg0ArKJSzOlMy_fi6XyZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3239A5E9F2E1D7FA117F2931DDB98E3D
Requests: 39 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe
Frame ID: 80704A26D61F919397A03A93A920B5BB
Requests: 19 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Frame ID: 132F9B32F7B80490CAAF32FFED43C04E
Requests: 44 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14262018928489574?pubid=ld-14262018928489574&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=1560
Frame ID: 3B699A8EF848D9E1D0689C9D3033BF9B
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.oann.com
Frame ID: C3C3D8F7FD55863CE18215E94965BF63
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 6103C7A99966CC3AD27543299F0CBE23
Requests: 2 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: D6C2E463ABDBB81B96018D412CED5C3F
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: DF4A85D8FC66F22FAAFF100991729F84
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=DC5A89F54276567556757653211&cicmp=1337627&cijs=1&dast=V79s0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMRhLYjLGWs02c1Ws91qtVrMhovJarmbDJcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQgMRNPp8Lnu9brf76532O12jd_tl7lMLsvD7Nb4XZfTW285uSyft8Rpctk9b5Hf6hb93ZrT3_BWGU-Xh8f0tPvcIofp4ZZZ_m634Oi3uzxvvc0tuPytLo_pLXtZnqaH5y3zu-4ml-Utdbhdnrfe63LZXH45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAQHEovMVl-ZxOfsvNHwAADwogAAACGCEABUYWIgAAAAAjAAAAACQAAomFJQAOd4smAAABfRI4_j4nAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAfQ3_dTHyzPbXVRAWWRYwAAAAAto7tlI4mdUJlUfX___9vBXAFABDQJ4Hjj5Z1c1LMGgYAABAwtkAPi99vdtg1frfL_v_________N_s8A0IR6uFLSgkii2NV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAACa9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Arka4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBriQdW5dD6vzseGXMwVy-VcsRjOdaNVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
Frame ID: 1B0D3A00F1AC29CA19316F1CB5FB603C
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=058D7DAB577273184651956307&cicmp=1337627&cijs=1&dast=V7Se8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGrAajngjBoW12012m8VwM1mMVsvVYDFawsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chMBBNp8Pnutfrfr-73mG32zV-t1_mMrksD7Nb43ddTm-95eSyfN4Sp8ll97xFfqtb9HdrTn_DW2U8XR4e09Puc4scpodbZvm73YKj3-7yvPU2t-Dyt7o8prfsZXmaHp63zO-6m1yWt9Thdnneeq_LZXP55QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAQDFofAWl-VzOvktN38AADwogAAACGCEABQYWYgAAAAAjAAAAACQAAgkFpYAONwtmgAABPRJ4Pj7nAAAABzUyTxts_z____HAOS9N8kAUKRt3Bj0ADz4ADwIAQAAfAylSa2VFIcTZREVKBYxAgAAANg6tlM6mtQJlUXV____vxXAFQBAQJ8Ejr9Z1s1JMWsYAABAwNgCPSx-v9lh1_jdLvv_________N_s_A0AT6uFKSQsiiWJX4xm5Vlj7BQQAYHs3AIA3AbiYA7ADAAAAuPv____PAwAAaNqjZHutxrNHWe8z2MLndHfXb8IWo9VkslkOZ8vFZDAcDUej_QnkaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiAdV59L5vDofG3IxVyyXc8ViONeNVgkAAAAAAAAAYAlT5k0AAAAAToOYzSa73Yobb_ZMEGu1WtYAAAAA3LqRAw!&excid=22&tst=1&docw=0&cs=false
Frame ID: 166B97AB1D8C4E2E9809429BA9F6ED08
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Frame ID: C1E43959429FB3ECC67C4768CF252466
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=undefined&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=058D7DAB5772731722059600057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9459FF00387BF9183A35740AEDF6D8A4
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 90318ECC7C760A76657A9D3FE22C65A2
Requests: 5 HTTP requests in this frame

Frame: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Frame ID: FBAC58A0CE5E1BD12B976256AF2C6E8E
Requests: 28 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Frame ID: 3B5AA04DB07EB975F84DE7C8FF1E9058
Requests: 10 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=dcd0568f-0725-4172-8200-f3ef41aa761a
Frame ID: 514747EF9CA40B55B5BC6416EED9CB23
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: 1D8D878C523AB935F22D40DD42126285
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 5F0E6784695DA1FA4AAD6506519EB96E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: C67541161EA10432A6CE7ADEDF933632
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 060E6CEDE89B9B7FF8554AB2E75E53B5
Requests: 15 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 7D7B9F465F5C46894EB8A8A989A31D91
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 64F43F9C42B0629FE9AF45F56EABF7EC
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 6E8E5D2F8081029DBFF1E436EB947441
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Frame ID: 9988C24F69D174FA5E61FB4620048433
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99,77,3018,4,246,10000,9,2033&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 34223B38232C0D9744991D52C05253F7
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99,77,3018,4,246,10000,9,2033&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=APPNEXUS
Frame ID: 258C3F87FCD44DEF7890CFADC8C28F69
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1798592
Frame ID: 440D5E266C7972DC8EB29FB82B35FA5D
Requests: 3 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000152
Frame ID: 5C63398E7546F56E4797C283C161A8B5
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 03DABE3789D82C294B38A854523AD343
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 3D919F67D8B3BA240261A673B0565E80
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Frame ID: 669E27B0D9A6BAC10808EECE0AFA700A
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: BAF210C873184C8128783A7E19828985
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: E805D88BE45D5E3C5712656E1223CE94
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BA056CFF4F2393F6C126790D35818855
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic&tc=1
Frame ID: 9B2B750E3CFC44F853E1722EDBCD3C31
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: FF0A69C929D064F2EEE48CDA828C7D41
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: C4BC9738387277AAEAF031FAACB03336
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: BC22994623080E4E1E7160075BAEC610
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: AE14C676FAB509F5E3EE96E7B98360FD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: A5F95E2ECB25D5AA5DE9DDB3C1BEBE01
Requests: 8 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 4AC9A76C6B94A285CF59B205CBAEF675
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: E2E5D76947C67A3E5431F71027222DF2
Requests: 7 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.9.0-pre
Frame ID: 744E8F6BB34108BED95AC7C23AD747B3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E49150D29CC3A407F7B274B2A8FA8D5E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: EEC947972D20A3F85178D9CDF94F9D4A
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: E928F3D1B5EBAA2970A0C2896EF15345
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4FC39E9D6F1C04A19E2B5DB00FAC6795
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0726f4b9-e46b-4137-a1a7-ad37aab9b12d
Frame ID: CF89FC879A5830D327099EE3415E43CB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 054C124738BA792C22E81FF6D19F9E18
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 9CF7B18FE7C0D19C85C54BF5EF0906C7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C2028%2C2027%2C236%2C237%2C2025%2C238%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C2037%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: C998FD4E76BA54EAAC7F3B3E92E75974
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 34E13C4F12D7209D7E728F6479E52008
Requests: 19 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: D94BE3AB1874D780489DF58EF11EEB35
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13480300
Frame ID: D47BB29D6CC8A5102225F63F3C2AF4CA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E999B61AB44C6395A1463E60C8E51558
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 4833E74844E1E364B045D438670162AD
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Frame ID: 245DCD25B7B3A0F8CB13484189341D08
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: B7FA3E1D1B9B92B3CBD4A1301FE4BE02
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 659FC46C3D90F867243DEA9342C0AB60
Requests: 28 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 649D1B0B65153E7AC989A2D55C2A1127
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Frame ID: 4DB0537F945A6F06C0F0F3B63F1730A6
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: CEED13B69C9E1F0C4886216D936AE9E9
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 457AF78ECEDAB9E1C80BDE0FCE037EEE
Requests: 8 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABn3kU3ZN4YFHSZk
Frame ID: 8873F7A5050A731EB79A408FAEB486AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 7585E2A3595D4EA1119C741DFC1D9F42
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: A3719394880A0F4A682EA5D0777DE385
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 534D83F369777E066F3927EC00798BEE
Requests: 4 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 1A83EFC3AB7DCD6FA3FB60B857539810
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 226254EB1BEA0E139A913FF0B3745999
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: A9E874F24708EF75390B348EE0873CE7
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
Frame ID: 24CCE27E8F40CD79F792A517F9ECEAD6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: DAF8D038B948AFCB8487B85F5FDC8853
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D13da9cbf695e00d3%26uid%3D
Frame ID: ACAD8CC4DAFAE1A7163E619096A1D175
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: AA6F8DA45163E5B2DA50AB4A9B4539B6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 06DC14317BAF2967D50F79DB111FAB30
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Frame ID: A9302A2D92F14A8106E48A10C92E1FB5
Requests: 10 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Frame ID: E452B84BF81E7DF1A0C7DFCCD1A3D97F
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Frame ID: E240BB685F1D5E9BCD4246CD393128F4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4178678748820002827
Frame ID: 5D0129A94893E424F8A8738A545CEC6E
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 91BCED0DAE20A69E4AD3DC7DEEF163DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029522580518533270
Frame ID: 30EC39590CB0DE2BE1DFF2F6ABB4EA8D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY3hiwAAAbzr6wBG&gdpr=0&gdpr_consent=
Frame ID: F9D0BD7F4797119A39F9604E9D345F72
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: BF5E0B0B63449A211527D59F8DA57303
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 6E5C8340865ABCD6101AAF9E00B46DD0
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 68DAD6945322155DE47952DA0AD9C687
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 49AF8ACCB120025E453D6EABF6DBA402
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
Frame ID: 12E16798351834F3AAB15CA0D82F76DA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5EUJvoksFrJIRubrTtzNXzX5
Frame ID: A72991BE43592F2108A8CF4E64E6AB1B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=188361944838372
Frame ID: 894F6838E651FFC524CC6693927D4A03
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6339B759BBC863C1EF40003D906877AE
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 88B5ADF01C06B3C02C25ACAD37EE71F7
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 5119E04BC014FE780984FD32782B6ECE
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=679a98072152b165&uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Frame ID: C387D29CD9E6D278C8AAA4FEF19CCAD2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 651508A64AE09D89C2D37101FBE5CD3A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 702E97290463FF299ECBD627B894EB4E
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: D4571FF506351C7A236CBD73A26BA621
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 3BA6D95369DF8BAF28B72AB87342D99B
Requests: 8 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABn3kU3ZN4YFHSZk
Frame ID: 357DBDC54E5D741CF7001495FD37E879
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 93455472300565D60AF3A9DDE7EEE686
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 8786B3872C197E6C21675EE04207C53F
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 981225A9EBA343D9BBA59EE4D605A64B
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: AB43FC9DD53A6C1573BB82AEA27A37F7
Requests: 8 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABn3kU3ZN4YFHSZk
Frame ID: 994638B25BF2660219116788B502D004
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: B93DCDB2ED72D9093496675EA6F86A6C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D13da9cbf695e00d3%26uid%3D
Frame ID: 07B41476B8D265F8680898B9AF91F294
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 75A9BB8D45E101458FD53F66C5F8BF1D
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 8D109B140D055BA9A85D08910E516F07
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 5650A4E8FB9DF3FA9B64D9C0A1820858
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 8B1F7B290B663B61CD20D0E8CE4809D6
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Frame ID: 42263EEAD44D5E6D5BF8D8820F334513
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 718850D79DA7F9F3E2EB2CFF210B349C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: EC66B18F52549069C43FCA634E114A3C
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: B2DF3CFD053AD773DEC5CB73516EDE60
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: CE49DC71AC3573CBAD16B21CAA03A6C4
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABn3kU3ZN4YFHSZk
Frame ID: 68F3999F4AE12CD8BF611A0A50C81755
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: AADD00299F7BB6C91BADC123DE5FEDCF
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: EDBA9C90F00E348F60B5C7851531DD2F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 612CCF306741ADF5259BA3668AEE630C
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D14AD1F83289A26AB78F3F98450AEAD3
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: B59AF99C3F930F61AD0D23DF90DC2339
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F0C2DD926D123ED88D73586090117FD0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 392244382F06DE8EFE8B9B6E542D9556
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: DCAD01CB67BD06F8049AB43435167033
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: CA467DAC9D997996963F06AE5BEAA300
Requests: 10 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: E7A51A84E134D480DB154F2891AC633E
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 3B33F51BE6ADD835C0D575FB9CA94613
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: D5314A964DE58B0E5151C76A9232E25F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6F752B760865AD4D4EF09968E38EF958
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: EBA7F7A6EF5C8AEACA642000807672EC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AAA6D1BBB141D9D11C3347A7F12016FE
Requests: 8 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/afr.php
Frame ID: 9E2409F691D417131444B95929207E76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0A3CDD9713046FC6AA7C7B6CC386D59C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27D9D3CF98EEC371275DF0DAA52BE2BD
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Frame ID: 551B173953BDAA8D3F0CE90E34EE24EC
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9DBEA4354EE7720A1BB87DB5B63E0DD7
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13480300
Frame ID: F909366E2CDB7635311B82B4C64E4575
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 0F34FA70B2EE1004AC32FC8720430D2A
Requests: 7 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 105A08568AFDE62F7D69B02B62DDDD12
Requests: 3 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 8E54A2B6A3B111F7AAFD6B9AC21D5B6D
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: 0FD702BEF99FE2B67B043FFE5CC1D702
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 6C540802E5D30788721644E0E7AAC993
Requests: 17 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5b33dd8-fbfd-4a05-badc-d38f5c8aa507
Frame ID: F307B14C5ACF1B699859C61D204E80CA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3180662078C7368C12C85FA4C03DD596
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: 9A28A81C34C0256EC17569870BE4846B
Requests: 8 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: D3B73AEF17EB7DE04B31DD62026B3281
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.9.0-pre
Frame ID: B83E4859FA25384C0FCAA08C13586B88
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 083D0E688DB430742A4D44557AAD8B25
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C2028%2C2027%2C236%2C237%2C2025%2C238%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C2037%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: C7113D5776DCC570CD839E83CCDDE131
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 53F99AB7A7ED30A782CF90C6FABB0E66
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 7A3237A630B331BF36EB8B241D619957
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 6312C92062C6F220507E72CE03C7E2BA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: F9D94129AB0F711D13999262C2C245FB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6c99d864c877fcf3%26uid%3D
Frame ID: 9FDF9AC1AB051D12464F36BE238C1188
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 21C8D559B843CFD3539366064C1F5F2D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
Frame ID: 4BA22EB31F63436EFA50AEE54BF6303E
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 42304C60D830E5F26FB24072A0D5A9F9
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: E080D17E0C92EA8D2F043ACCCA92F199
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 65A578A87DEAE4AFED5194387BBC1C6D
Requests: 4 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=1034124019680978443
Frame ID: 87A7B0727A0851E610E352505CA78839
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: A8AEA2D37C13C47AC9A9A49CDBB74306
Requests: 5 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Frame ID: A2570CB2777DE41A9BA7AAB9AD4247D2
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: D5B360191C3842D842DEA788C410F4FF
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: CECB761B000A6D6B229DF419BACE6FEC
Requests: 2 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 81A3CB55710E3FC1D04985E4626058F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LlpRG4f11MLnnS5&gdpr=0&gdpr_consent=
Frame ID: EB6A2C4ACDC513BB4C18780F6E5E3CE7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8AC5227B8F2D4D5C8108AA8B2418A4EF
Frame ID: 86635BCDA33CED548D550F1E1A23A56C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JTTjVY0qS5JtcVusoecQ11vHdko
Frame ID: 1A34BCF4B571CFD3D6202BB8C4D7AE6A
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: B1D98BDD0BCA82FFB3F66670AE42A3A9
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABn3kU3ZN4YFHSZk
Frame ID: 1C7833F228DAA22AC24A782C52571C4B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 7C1FDBDAB54A0A3E7D4E98B82176FCA6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6c99d864c877fcf3%26uid%3D
Frame ID: 858FA2B8FC4665768748F1B656FB4ABB
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Frame ID: AEAE6689D2F4D8A05C4B336D73CF0CB0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJz66wIQu_jwAhjWi5u5ATAB&v=APEucNU8gwvfMpq2wwUZqgD3nhKYIkzSlzVlDH70tn6KnzT4ogBmGHv2i6Ppzp4T37a_8ec_lN7yDbuEeOZQOwCyCe3SaJ1g3XFPbxOTRYF2PoSsLKPn64mECOqOjp7owhEQuUHjUkr0i5VCcJJwldOUbOYSdTcyPhkI7yC5vXGiKcPC1xdJnS8
Frame ID: B01E2840E0BC61086BD6C22CA64937A1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Frame ID: B7FB7D8DE9B0B5973225AB246EF5DB86
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 35FF782E9A0796921A5F236F735794DD
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: A496D5A49A0BC3615D4BD8F66E440E68
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: CD421C157B83C8E900C517546137499D
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABn3kU3ZN4YFHSZk
Frame ID: 345CD68FAE891E7CC94723D38CACB432
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Frame ID: 1CC97ADF997E3AE13CFC30D0FC7AAAB7
Requests: 16 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: BC47E1AC08AD5460CDE2123191065E1C
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: F16A1268EFED4D70B22F00EB5EA2551C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 87F9370008DCD052A42404D12B8893EC
Requests: 3 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e626618d-e18b-4900-b346-8a6c848cdf60&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Frame ID: 0AFAE19B67579A25A7CA391FAA64822D
Requests: 5 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Frame ID: AC697282D6980CB883C162A2876DE629
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Federal court orders Biden’s DOJ to stop extracting data from phones of Project Veritas founder James O’Keefe | One America News NetworkOne America News Network - Breaking News Updates | Latest News Headlines | Photos and News Videos

Page Statistics

977
Requests

73 %
HTTPS

23 %
IPv6

148
Domains

264
Subdomains

164
IPs

14
Countries

11334 kB
Transfer

18762 kB
Size

190
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 86
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 88
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc3NThFNTgtQTZGRS00RUU1LUEzRTQtOEE5QTc4MEIzMzZE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DF7758E58-A6FE-4EE5-A3E4-8A9A780B336D HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Request Chain 89
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=7051991869510472897
Request Chain 90
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=4be39d0c-5552-4334-ba89-a428969abc89
Request Chain 91
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 92
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7293018513 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7293018513 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c6f7b90a-8be6-489e-aed8-3443d34fbebe HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
Request Chain 93
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 95
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.oann.com%25252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&pid=12306&adnxs_uid=7051991869510472897
Request Chain 97
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe54983f6-4369-11ec-a004-02c1570f7238 HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-KhzSmu1E2uH3tu0eyeeWQGgQucq1QaOI~A~UPe54983f6-4369-11ec-a004-02c1570f7238
Request Chain 99
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=f84f02358cfc80548d3f33c7
Request Chain 100
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DF7758E58-A6FE-4EE5-A3E4-8A9A780B336D HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Request Chain 102
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=1991787311400296336
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
Request Chain 118
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&dcc=t
Request Chain 119
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY3hh-hBgT.uGKmO4CBSjQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDNsXh2tMPR6aZuAd9_tMaI&google_cver=1&gdpr=1&google_hm=2
Request Chain 125
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 145
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636688264037&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636688264037&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&c9=
Request Chain 189
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=LB9jC3xFVXFzd2MxVjNMaTZTWkh6b1BiRnBISS91cGZyTU9MZVQ1N1VIVDFtZDVicTRZeHY1SEYxNllaZXdua1d1dktuQkVtQUFucGdZbFIzYTJtOUZ1UU9LSDN4UXlCQ2xpQVZWaDl2by9nK0VCSDBaYUFyaDBPOFpveHpTeGVZVTVzeHdLTVF2bU1YajBUVUI5RkQ1OVpITm5OUFFsbktCcjZ1ZFF5ZW9IMDh2YTBNYmlvUExoWlNYZTB5ZWdOTWcwbjQzVysxOXhpSUVsL1hDbm5IZ3JIc3htUVhjUzFiTzNmVGhSU2R6a0NQZlJjPXw&cppv=2
Request Chain 252
  • https://pixfuture-inv-nyc.admixer.net/adxcm.aspx?gdpr=&gdpr_consent=&us_privacy=&redir=1&rurl=https%3A%2F%2Fprebidserver.pixfuture.com%3A8000%2Fsetuid%3Fbidder%3Dadmixeropenrtb%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%24visitor_cookie%24%24 HTTP 302
  • https://prebidserver.pixfuture.com:8000/setuid?bidder=admixeropenrtb&gdpr=&gdpr_consent=&f=i&uid=1febdac1a0e64b97a0fb4a1976418a77
Request Chain 274
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=e67aa0fa-4369-11ec-8bfc-1ef5e1e50306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
Request Chain 278
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=e67ad22c-4369-11ec-b9ca-18b2794d0206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
Request Chain 298
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=dcd0568f-0725-4172-8200-f3ef41aa761a
Request Chain 302
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 305
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Request Chain 306
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Request Chain 308
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Request Chain 309
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Request Chain 310
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 311
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 337
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D679a98072152b165 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
Request Chain 338
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&rndcb=6389834084 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&rndcb=6389834084 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be&google_hm=Y2E1NWZmYWYtYjAzOC00ODQ1LWEwNzQtNDE3ZmE1YjYzNGJl HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFASSOEOef3uoXcbPsHPQQs&google_cver=1&ssp=adconductor&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/ca55ffaf-b038-4845-a074-417fa5b634be?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Request Chain 341
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D679a98072152b165%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
Request Chain 345
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D679a98072152b165 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 346
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D679a98072152b165%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
Request Chain 348
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 349
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D679a98072152b165%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Request Chain 352
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 354
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 356
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Request Chain 362
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic&tc=1
Request Chain 383
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0726f4b9-e46b-4137-a1a7-ad37aab9b12d
Request Chain 392
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Request Chain 393
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Request Chain 394
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Request Chain 396
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Request Chain 408
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVVTXO0H-1B-H0V7&sigv=1&esig=2~636630f6d9679d95a3ff6e31b6d1554ed50f1ea7&gdpr=1&us_privacy=1---
Request Chain 409
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjMzMjA3ZDdkNjg4NWE1YTNiM2Q4M2Y4YmU0ZjE5MjA3ZWQ1NGJjOA&gdpr=1&us_privacy=1---
Request Chain 410
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1--- HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---&_test=YY3hiwAAAbzr6wBG HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY3hiwAAAbzr6wBG&gdpr=1&us_privacy=1---&_test=YY3hiwAAAbzr6wBG
Request Chain 411
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hqg03KVIt8OYvtcA9AvRWMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5559525931425139763
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEFpi3sl_-23es0lSAUf7ykw&google_cver=1
Request Chain 413
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZWVFhPMEgtMUItSDBWNw==&gdpr=1&us_privacy=1---
Request Chain 416
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D679a98072152b165 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
Request Chain 417
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&rndcb=3566980764 HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=adconductor&bds_param=ca55ffaf-b038-4845-a074-417fa5b634be HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=fe0ddc46-6c7a-4dd8-a657-5157ab353f6f&expires=10&ssp=adconductor&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/ca55ffaf-b038-4845-a074-417fa5b634be?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Request Chain 420
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D679a98072152b165%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
Request Chain 424
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D679a98072152b165 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 425
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D679a98072152b165%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
Request Chain 427
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 428
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D679a98072152b165%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Request Chain 432
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e626618d-e18b-4900-b346-8a6c848cdf60
Request Chain 434
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1034124019680978443
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJB1mb1oPALXrKxC97MUQ5w&google_cver=1
Request Chain 438
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D13da9cbf695e00d3 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=13da9cbf695e00d3
Request Chain 439
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2095%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5218368145 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2095/no-consent?zcc=0&sspret=1&rndcb=5218368145 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Request Chain 442
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D13da9cbf695e00d3%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=13da9cbf695e00d3&uid=59aa3052-ff19-4751-90ca-53cfef66db91
Request Chain 446
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D13da9cbf695e00d3 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 447
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D13da9cbf695e00d3%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=13da9cbf695e00d3&uid=7051991869510472897
Request Chain 449
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 450
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D13da9cbf695e00d3%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Request Chain 451
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 458
  • https://ih.adscale.de/uu?cbfn=receive&t=1636688266 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1636688266&nut&uu=b0dee3192cad4487afdc03251ae66aa7
Request Chain 467
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
Request Chain 469
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 474
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2365734668697577057
Request Chain 476
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
Request Chain 478
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JTTjVY0qS5JtcVusoecQ11vHdko
Request Chain 481
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 483
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Request Chain 486
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMFKG54kWtDOuI1jusWWZYg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 487
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ec120d2c-953c-4462-a438-5fad45f00277&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 489
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 492
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 493
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=bde59542-35d0-4d0b-9379-d1802b89ac9e&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 494
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=74fce569-a1fb-458a-4d4b-310e90dafe31&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=74fce569-a1fb-458a-4d4b-310e90dafe31&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=37127328274913860432154452890004927553&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 496
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7029522580518533270&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 497
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=74fce569-a1fb-458a-4d4b-310e90dafe31 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=74fce569-a1fb-458a-4d4b-310e90dafe31
Request Chain 498
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=74fce569-a1fb-458a-4d4b-310e90dafe31&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=74fce569-a1fb-458a-4d4b-310e90dafe31&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361&bounce=1&random=3351245734 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=zhRhOAKg8qKfMbHn1FEzCO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 499
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=1193297337061439951
Request Chain 500
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=74fce569-a1fb-458a-4d4b-310e90dafe31?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=74fce569-a1fb-458a-4d4b-310e90dafe31?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=ae1ef9dbcc63b13a6494acd785836c22&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 501
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-ul53ELFE2orvH.TafnYScOx.jRyprbgI5w--~A&zpartnerid=570&env=mWeb
Request Chain 502
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=Fie5FP7nbpvjSRlws2MxHFyCtAKRMIm3%2BS41iYitP1U%3D
Request Chain 506
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YY3hiwAAAbzr6wBG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 507
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.69ffbecc-47a9-47b3-a781-36976525f45f&zdid=1361
Request Chain 508
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 509
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361&dcc=t
Request Chain 510
  • https://tags.bluekai.com/site/87734?id=74fce569-a1fb-458a-4d4b-310e90dafe31&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 511
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7a93850a-2288-44dc-46b8-44a249f537ec%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Request Chain 518
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4178678748820002827
Request Chain 520
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029522580518533270
Request Chain 521
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY3hiwAAAbzr6wBG&gdpr=0&gdpr_consent=
Request Chain 522
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFUckRrN0RHOE1BQUQwRWZ5dW1Mdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 523
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 526
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=3166776546 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1508/7051991869510472897?zcc=0&sspret=1&rndcb=3166776546 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
Request Chain 527
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5EUJvoksFrJIRubrTtzNXzX5
Request Chain 528
  • https://core.iprom.net/cookiesync HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=188361944838372
Request Chain 529
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 531
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 533
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=93WOWKb-TuWj5IqaeAszbQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 534
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e626618d-e18b-4900-b346-8a6c848cdf60
Request Chain 535
  • https://pixel.onaudience.com/?partner=214&mapped=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=791808e36d706488
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGlm5kMxiRmVI3zl98Nic6c&google_cver=1
Request Chain 538
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Request Chain 539
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1034124019680978443
Request Chain 540
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6f7b90a-8be6-489e-aed8-3443d34fbebe
Request Chain 541
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7051991869510472897&gdpr=0&gdpr_consent=
Request Chain 543
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Iwmnct5E2uUnxSno.1ZVd.orTrKhw7Q-~A&gdpr=0&gdpr_consent=
Request Chain 545
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 547
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2365734668697577057&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 548
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 549
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4be53025-df31-49af-be1a-b56284350068&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 550
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7051991869510472897
Request Chain 553
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2095%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=7237156327 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2095/7051991869510472897?zcc=0&sspret=1&rndcb=7237156327 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Request Chain 559
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D13da9cbf695e00d3 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 561
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 562
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D13da9cbf695e00d3%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Request Chain 578
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 579
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Request Chain 580
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Request Chain 581
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 583
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
Request Chain 589
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 596
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=1&gdpr_consent=
Request Chain 597
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
Request Chain 598
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639280268
Request Chain 607
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 610
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LlpRG4f11MLnnS5&gdpr=1
Request Chain 611
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
Request Chain 612
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
Request Chain 614
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 624
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3Df5d307ae-8714-473a-7892-d16ea52d38bb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f5d307ae-8714-473a-7892-d16ea52d38bb&zdid=1361
Request Chain 625
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D0682e9bb-0774-4bde-7509-63829b47b26d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=0682e9bb-0774-4bde-7509-63829b47b26d&zdid=1361
Request Chain 630
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Request Chain 631
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Request Chain 632
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 634
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
Request Chain 638
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Request Chain 639
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Request Chain 640
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Request Chain 642
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
Request Chain 646
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 648
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6899746681820172104&uid=Q6899746681820172104&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 649
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=621636589522
Request Chain 650
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
Request Chain 652
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=485a810d-9b8f-4f0e-b9d0-5b5a9c7c902a&expiration=1668224268
Request Chain 661
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=fb11b811-7f6b-44fa-b783-950c97ba75f9
Request Chain 662
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-100b4fc9-99f8-4b85-97b9-d02dd4a6b1c1
Request Chain 666
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 673
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3Df77a3882-07f9-4bd2-5051-3f418d40b33f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f77a3882-07f9-4bd2-5051-3f418d40b33f&zdid=1361
Request Chain 680
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85f7bf4f457c40a9be37d17b39dda0d9&expiration=1639280268
Request Chain 683
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 686
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 693
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
Request Chain 694
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 695
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 704
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=8390b67cef88dc4e4a7a570b499e2a5f9d262a7a3c2602831025030b45484789&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Request Chain 705
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=8390b67cef88dc4e4a7a570b499e2a5f9d262a7a3c2602831025030b45484789&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Request Chain 706
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 715
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
Request Chain 716
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
Request Chain 717
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=5cd3337f0618da2ddc6d13956f5a0aa792a31af85d3e1332af809a2f74bc76b6&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Request Chain 718
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=5cd3337f0618da2ddc6d13956f5a0aa792a31af85d3e1332af809a2f74bc76b6&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Request Chain 719
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c009877ffd9dfdb2e79ad3036efb547fa7b5aae5d92eb2ebe65939fa2cc659ef&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
Request Chain 720
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c009877ffd9dfdb2e79ad3036efb547fa7b5aae5d92eb2ebe65939fa2cc659ef&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
Request Chain 721
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=250d99ff-4f19-41bf-9933-7171b6bc8197&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Request Chain 722
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=81e577fa7e209285e4c967352f0ed236f669e7aeb57326aada8220f5417eed0d&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=31d44fb5-0c7c-4188-943c-82c74cd5d61c&gdpr=0
Request Chain 723
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=81e577fa7e209285e4c967352f0ed236f669e7aeb57326aada8220f5417eed0d&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=59a0fd47-78f2-4211-9c1f-b57eb8662cd2&gdpr=0
Request Chain 724
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2c486f051a2318194d9ff357fd410f27ee614edca22f6cf56c60515bb2149669&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Request Chain 725
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2c486f051a2318194d9ff357fd410f27ee614edca22f6cf56c60515bb2149669&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Request Chain 726
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/js?tpid=48&tpuid=04c4e7fa811ab4a9976792abbb0dc1e6
Request Chain 727
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/js?tpid=48&tpuid=899f3c3b84c10e6d41f9e31b5561f7fd
Request Chain 730
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=c6f7b90a-8be6-489e-aed8-3443d34fbebe&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Request Chain 731
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=ca55ffaf-b038-4845-a074-417fa5b634be HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=ca55ffaf-b038-4845-a074-417fa5b634be HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ea42f397-30e5-42ff-b633-a265db3204f7&ssp=admatic&expires=30&user_group=5&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Request Chain 741
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&bundle=Zi2TqV9CSFg1Znp5WnBYVGd3NkFRNlkxZmJBeU9kQnNhSmNLTXU5WEQyN3lZJTJCVEEyWW5yVnJtT1BmdEFadk1rWDFxMUMlMkJuRGFaNFFlZ21MaGRRRmRMWno3MklOeDF1TnEyVGdKeFJQbHZXSEJ3ZGclMkZVJTJGaUN1RXM1UXZHdmRpZjFRcWp2&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=42b2FXw0V2xDQ3hBODFLRm9uaWxRY1ovNUpuZHhtNjZadWdiOTBMRHRHMUVTOGdFem9NdXhDWFZKMlhwOFY0TldlUDdicC9oVnRmSDRCclk5MFNJM0Npcm1tc09UdnhLWHNBSjduRnRXaWJtYlhwa3JOOHdKZ3YrZmdSZmo1dnREdXFFbVh5Zk5Hc3RXaVIrb1ViNlVQUjBZY2xOczlKVkVkNndocVQxeFlENWN6aU4yZFFoaWRISmhnNThJSExIRDFVKzhCclczNDIwZCtVTXhXSy82RnFGT051U1RDOFdrSjdNTVhBbkZhamp1bXpRaFBkVjhQTXB4ekpBRkRFbDFISFh5Ym1YcnptSVJybWVhL2pXRlp3MndZSjVQclVJM0FaU283c2djTG9DYkVFZz18&cppv=2
Request Chain 774
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=278&slotname=Widget-300x250-2.5&adk=2566101958&adf=3791526571&pi=t.ma~as.Widget-300x250-2.5&w=374&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636688272708&bpp=20&bdt=47&idt=82&shv=r20211109&mjsv=m202111100101&ptt=5&saldr=sa&cookie=ID%3D7a2f33326af15082-22460f4655cb0048%3AT%3D1636688263%3AS%3DALNI_MYoDdZID8ASaftpf8b1oJO7x-F78w&correlator=6906897692740&frm=23&ife=1&pv=2&ga_vid=117753250.1636688263&ga_sid=1636688273&ga_hid=685161061&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=909476494&scr_x=0&scr_y=0&eid=31062937%2C31063703&oid=2&pvsid=3206672275891475&pem=733&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=1&uci=1.x8rizwcyq9hh&fsb=1&dtd=99 HTTP 302
  • https://served-by.pixfuture.com/www/delivery/afr.php
Request Chain 782
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f2660431-125a-513c-be99-7129df1490bb&ssp=admatic&expires=30&user_group=1 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Request Chain 786
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YY3hiwAAAbzr6wBG
Request Chain 787
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ae1ef9dbcc63b13a6494acd785836c22&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=37127328274913860432154452890004927553
Request Chain 790
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e626618d-e18b-4900-b346-8a6c848cdf60
Request Chain 792
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=&google_gid=CAESEHs7MsDHG_tBhKtQzyONLvw&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 793
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1034124019680978443 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Request Chain 801
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5b33dd8-fbfd-4a05-badc-d38f5c8aa507
Request Chain 809
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YY3hiwAAAbzr6wBG&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY3hiwAAAbzr6wBG&_origin=0&gdpr=0&gdpr_consent=&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
Request Chain 810
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Request Chain 813
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPe54983f6-4369-11ec-a004-02c1570f7238 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBlNTQ5ODNmNi00MzY5LTExZWMtYTAwNC0wMmMxNTcwZjcyMzg%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEEhp0aTeFaidO5ycLYomz2U&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEEhp0aTeFaidO5ycLYomz2U&google_cver=1&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
Request Chain 814
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Request Chain 815
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&_origin=1&gdpr=1&gdpr_consent=
Request Chain 816
  • https://id5-sync.com/s/441/9.gif?puid=e_bee7f5ba-0941-47a7-ac46-c27fb81a1b49&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=869d1979-d4d7-48b6-8296-b1c99ad5eb73&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=869d1979-d4d7-48b6-8296-b1c99ad5eb73&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=30b2f914-7298-45f5-ac23-8adb5ce5999c&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGFFKSS9WApe7yysncOdMRU&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGFFKSS9WApe7yysncOdMRU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7051991869510472897&opid=apx&ops=&utidl=tech:goo:CAESEGFFKSS9WApe7yysncOdMRU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22425443906&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=ae1ef9dbcc63b13a6494acd785836c22&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/160/3/7.gif?puid=37127328274913860432154452890004927553&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/340/2/8.gif?puid=37127328274913860432154452890004927553&gdpr=1&gdpr_consent=
Request Chain 817
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Request Chain 819
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Request Chain 821
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vyI1oe8AzZYdMt9tvSQjpg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 823
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LlpRG4f11MLnnS5
Request Chain 824
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=30b2f914-7298-45f5-ac23-8adb5ce5999c&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=ca55ffaf-b038-4845-a074-417fa5b634be
Request Chain 825
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7051991869510472897
Request Chain 826
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AATrDk7DG8MAAD0EfyumLw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 832
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6c99d864c877fcf3 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 834
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D6c99d864c877fcf3%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Request Chain 838
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 839
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Request Chain 841
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 844
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
Request Chain 848
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=1034124019680978443
Request Chain 856
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LlpRG4f11MLnnS5&gdpr=0&gdpr_consent=
Request Chain 857
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8AC5227B8F2D4D5C8108AA8B2418A4EF
Request Chain 858
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JTTjVY0qS5JtcVusoecQ11vHdko
Request Chain 859
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&addseg=19,36,42
Request Chain 860
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 862
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D HTTP 302
  • https://a.audrte.com/p
Request Chain 863
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ebbc5d54-4369-11ec-a6af-31b47b025245&gdpr=0&gdpr_consent=
Request Chain 874
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6c99d864c877fcf3 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 876
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D6c99d864c877fcf3%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Request Chain 879
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 883
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=5EUJvoksFrJIRubrTtzNXzX5&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Request Chain 884
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 889
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
Request Chain 891
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 895
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3Ddc0b4475-0325-438f-6b89-e5b64d00d781%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=dc0b4475-0325-438f-6b89-e5b64d00d781&zdid=1361
Request Chain 910
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx= HTTP 302
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Request Chain 913
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 914
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
Request Chain 916
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 919
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
Request Chain 927
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECFigcWfjWembcdpgXwpG0s&google_cver=1
Request Chain 928
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIlloGnXirCxliHvs6IKbCU&google_cver=1&adform_v=1
Request Chain 933
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3Da3124958-2975-4c19-7373-7c5ead9f5295%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=a3124958-2975-4c19-7373-7c5ead9f5295&zdid=1361
Request Chain 939
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=c0ef958aaf53f010dd27d9de5b877e2daa5f1ca6d6514ad21c287b0e195e4e90&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?uid=c0ef958aaf53f010dd27d9de5b877e2daa5f1ca6d6514ad21c287b0e195e4e90&tpid=38&gdpr=0&tpuid=CAESEL6nLPN4cn9QN1SvlFnMbus&google_cver=1
Request Chain 940
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=ZTc1M2RmOTctZWMyMS00MmYzLWIzZjEtNmJkMGRjOTZjMzYx&google_cm HTTP 302
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEL_8Dn8r8DPRxkJxr587BXc&google_cver=1
Request Chain 943
  • https://tags.bluekai.com/site/28347?limit=0&id=e753df97-ec21-42f3-b3f1-6bd0dc96c361&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9 HTTP 302
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Request Chain 944
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1 HTTP 302
  • https://api.retargetly.com/sync?pid=13&sid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
Request Chain 947
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
  • https://app.retargetly.com/sync?sid=7051991869510472897&pid=2
Request Chain 948
  • https://trc.taboola.com/sg/retargetly/1/cm HTTP 302
  • https://app.retargetly.com/sync?pid=39&sid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709
Request Chain 949
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID HTTP 302
  • https://app.retargetly.com/sync?pid=14&sid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Request Chain 950
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63 HTTP 302
  • https://app.retargetly.com/sync?sid=1193297337061439951&pid=63
Request Chain 951
  • https://sync.teads.tv/rt/sync?vid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&gdpr=0&us_privacy=%221-N-%22 HTTP 302
  • https://app.retargetly.com/sync?pid=51&sid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Request Chain 955
  • https://dsp.adfarm1.adition.com/cookie/?ssp=17&uid=811c429160e750c2bda015c47413b283db52d03c7e31b6f1d1f71e57bd0e1d43&tpid=72&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpuid=7029522580518533270&tpid=72&gdpr=0
Request Chain 957
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=6f19a24d0a43c293082db18170f536059080940384a190d7f41ffd08458ba50c&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=60&tpuid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
Request Chain 961
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fih.adscale.de%2Fsium%2F434521556285939984%2F1556285939984%2F0%2Fimg%3Ftpid%3D107%26tpuid%3D%24UID&uid=13e351be94e4a2de8218dc3d7e49a032384a9549d79cd4dac8f300ff0adbce05&tpid=107&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fih.adscale.de%2Fsium%2F434521556285939984%2F1556285939984%2F0%2Fimg%3Ftpid%3D107%26tpuid%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=7051991869510472897&redirect=https://ih.adscale.de/sium/434521556285939984/1556285939984/0/img?tpid=107&tpuid=$EMXUID HTTP 302
  • https://ih.adscale.de/sium/434521556285939984/1556285939984/0/img?tpid=107&uid=7051991869510472897brt309251636688275244087f1
Request Chain 964
  • https://green.erne.co/stroer/cm?uid=73834bb45fc01404072bb7833deeb857d56b4907a5f94e67aab7f799ed38c69c&tpid=84&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?mapped=5EUJvoksFrJIRubrTtzNXzX5&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fih.adscale.de%252Fsium%252F23c1d4719e6544b7a5dc8ad4fb7f7f34%252F1636688274862%252F0%252Fimg%253Ftpid%253D84%2526tpuid%253D5EUJvoksFrJIRubrTtzNXzX5&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fih.adscale.de%25252Fsium%25252F23c1d4719e6544b7a5dc8ad4fb7f7f34%25252F1636688274862%25252F0%25252Fimg%25253Ftpid%25253D84%252526tpuid%25253D5EUJvoksFrJIRubrTtzNXzX5 HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ae1ef9dbcc63b13a6494acd785836c22&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fih.adscale.de%252Fsium%252F23c1d4719e6544b7a5dc8ad4fb7f7f34%252F1636688274862%252F0%252Fimg%253Ftpid%253D84%2526tpuid%253D5EUJvoksFrJIRubrTtzNXzX5 HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg%3Ftpid%3D84%26tpuid%3D5EUJvoksFrJIRubrTtzNXzX5 HTTP 302
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=84&tpuid=5EUJvoksFrJIRubrTtzNXzX5
Request Chain 966
  • https://x.bidswitch.net/sync?ssp=adscale&uid=6f4351f5e5121f9504efa1418487c198b52f573726061f953fca9f899cf87d87&tpid=57&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adscale&ssp_user_id=ca55ffaf-b038-4845-a074-417fa5b634be HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171315511&expires=5&ssp=adscale HTTP 302
  • https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=
Request Chain 967
  • https://brain.rvty.net/RTB/AdscaleMatch?uid=e91eebb93e605a1d7cc0ad63d3d92b7fb985d3ded6922247d3c9482ec6eae158&tpid=23&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=23&tpuid=8303cf73-534c-44dc-897f-977426f99bcd
Request Chain 968
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=&google_gid=CAESEHs7MsDHG_tBhKtQzyONLvw&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 969
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1034124019680978443 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Request Chain 972
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%3Dca55ffaf-b038-4845-a074-417fa5b634be%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1febdac1a0e64b97a0fb4a1976418a77&ssp=admatic&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Request Chain 978
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=380886670%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=380886670/tpid=7051991869510472897/tp=ANXS
Request Chain 981
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/ae1ef9dbcc63b13a6494acd785836c22/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2365734668697577057
Request Chain 982
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=ae1ef9dbcc63b13a6494acd785836c22&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ec120d2c-953c-4462-a438-5fad45f00277

977 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/ 		54 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:adc:8702:a95e:4e18:d5c4:5ec8 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 / PHP/7.4.5
Resource Hash
8ba5b2963298db951d653f1a2378652be4bfe1ff9e0285e82db2276851595275

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 12 Nov 2021 03:37:42 GMT
content-type
text/html; charset=UTF-8
server
Apache/2.4.46 () PHP/7.4.5
x-powered-by
PHP/7.4.5
link
<https://www.oann.com/wp-json/>; rel="https://api.w.org/" <https://www.oann.com/wp-json/wp/v2/posts/2578519>; rel="alternate"; type="application/json" <https://www.oann.com/?p=2578519>; rel=shortlink
last-modified
Fri, 12 Nov 2021 03:17:03 GMT
etag
"40fce15f8724975ea0fb41dcf17493a6"
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-98105905-1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5aff69d480d13dc5ad5001ac0e4bf82abaaf11e822ee3206272d7d8a5f62e4f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36117
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Nov 2021 03:37:43 GMT
style.min.css
dzm0ugdauank9.cloudfront.net/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 07:56:28 GMT
content-encoding
gzip
age
70875
x-cache
Hit from cloudfront
content-length
10523
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Sep 2021 20:33:27 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"13abe-5cc874f616338-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
tTzqjvBou7nT5Pdn_D8zLXxu_vImQOSDJVWJW93L4NemAbEB7Mp79g==
expires
Fri, 11 Nov 2022 07:56:28 GMT
wpa-style.css
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
12aaf2788b6138a9c74705c2d1c2936341d3e7df5a1f090361deb37e445d5eb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 15:17:50 GMT
content-encoding
gzip
age
130793
x-cache
Hit from cloudfront
content-length
960
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Nov 2021 18:02:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"ba1-5d05ee931a790-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
EUVREvJU1SOuA_1ihcg-1fsdQQlgoT3mB5yufVAMMb_3CC9CTaN4pg==
expires
Thu, 10 Nov 2022 15:17:50 GMT
style.css
dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/style.css?ver=1.0.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
b4dcbbe14a62e52bbb905f1f9573264faedf08d615c85c8471802b6a2a1ea7b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 10:00:29 GMT
content-encoding
gzip
age
149834
x-cache
Hit from cloudfront
content-length
7876
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 18:07:50 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"8f2b-5cddb41dd7e40-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
WQ6HamQpKZu6uQnxh6qgNF7c1swqPc7k7p-3djxcqlkbHZ9gOEyNaA==
expires
Thu, 10 Nov 2022 10:00:29 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
1932924
cdn-cachedat
2021-06-08 21:08:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9f7ab357f9488eab14ca15273c4cd1ea
cf-ray
6accb92c79466983-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9c895d200224618020ba6c844060d7edf258372a85b9140b36aa4177b895590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 03:10:46 GMT
server
ESF
date
Fri, 12 Nov 2021 03:37:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Nov 2021 03:37:43 GMT
frontend-gtag.min.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.2.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 08:41:52 GMT
content-encoding
gzip
age
68151
x-cache
Hit from cloudfront
content-length
3221
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 18:11:11 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"2e45-5cffa73979d78-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
xHAEy_kN_QZg0QnN3LFjQpY218ISci0gV3nhBoRCt2ANGYH7FVQwMg==
expires
Fri, 11 Nov 2022 08:41:52 GMT
jquery.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 10:02:47 GMT
content-encoding
gzip
age
149696
x-cache
Hit from cloudfront
content-length
30908
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Sep 2021 20:33:33 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"15db1-5cc874fb92be0-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
0vLUDa1nPIeGmAy_PeD46J_V4i0yNsbyz41NLxSq9USkc_zK_HsIqQ==
expires
Thu, 10 Nov 2022 10:02:46 GMT
jquery-migrate.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 07:56:28 GMT
content-encoding
gzip
age
70875
x-cache
Hit from cloudfront
content-length
4169
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Dec 2020 04:42:36 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"2bd8-5b7930512b970-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
8Dzks8W07OX2e2Al_2edtJGXpDcNxVwKBa0lZBlH6fN0Qp0oRXcDig==
expires
Fri, 11 Nov 2022 07:56:28 GMT
gtm4wp-form-move-tracker.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		2 KB
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 10:02:46 GMT
content-encoding
gzip
age
149697
x-cache
Hit from cloudfront
content-length
340
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 May 2021 20:01:45 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"600-5c2c869a28e70-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
ARD1RussIABkP2cjX4B1TjHpT6q9djWqLSU8FpPOgs5MsDpwX_HbhA==
expires
Thu, 10 Nov 2022 10:02:46 GMT
scripts.js
dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/js/scripts.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
2f325ae6eba35146be280cb1b42f68dda3d172bc2e0213ac9c35c4452dad1317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 09:02:46 GMT
content-encoding
gzip
age
239697
x-cache
Hit from cloudfront
content-length
5811
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jun 2020 14:47:31 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"3a3c-5a7d00a549200-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
4oETQ6Ki5eN7Y7z4qkfuwfiD0LSD_gbVmtKjj98G9OQwka9YYcUZnw==
expires
Wed, 09 Nov 2022 09:02:46 GMT
qfycdXMQ-fQdxgz20.js
content.jwplatform.com/players/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:fe00:1:a3fa:7cc0:93a1 , United States, ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
FRA53-C1
x-cache
Error from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
content-length
240
via
1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-id
3xH9QL0Nhyc397QPL5Umi6Y698LE3ID4NnnCGKV6u_i9MUXfa0cjug==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fffe97b001b8fcdf22a1729219a8e6c95a7f2f8b6675253006a261a978ab3863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
KxB2Zt3mS6pLbVuPUtGLkQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
IXr8zscl4c7LkydCfm6L9PoXY0m60Aoz5Wsb6FaR9L75YQCLAL5NB/DlTSZER+bDMQZ3ZoZP4uwF8dnv4dFreA==
x-fb-trip-id
917726464
x-fb-content-md5
e133ee1d51cd6cf0d63dc9ae197885a9
x-frame-options
DENY
date
Fri, 12 Nov 2021 03:37:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"63ee6cb3f74c9b5e16b7ba33275013d7"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Nov 2021 03:52:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
8f17e6ab66f753955a8f620351c7c63951a1a24171826a136c1f7de59487821d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1041 / 847 of 1000 / last-modified: 1636671951"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26942
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Nov 2021 03:37:43 GMT
OANtoplogo.jpg
d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2019/10/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2019/10/OANtoplogo.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-81.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c6fd8717d86c8dfe9a40fdc7b86770c0581553efebc75894fa8cf9f2bc501d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 08:11:45 GMT
Via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 03 Oct 2019 22:57:13 GMT
Server
AmazonS3
Age
3266759
ETag
"6ded9aebb726b3af88e73cf871822bac"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
56130
X-Amz-Cf-Id
tham_ax8-ZU2A1oZdTk0vUPBzKJ7Po0aPk8vYCjvTR8YbMldE0SFnQ==
Expires
Fri, 02 Oct 2020 22:57:12 GMT
KlowdTV-top-banner-4.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/KlowdTV-top-banner-4.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
70a91ff28e00f21ffce781dd7dcd46bf6f51f7f5dc41a1dbbd301651220bc86f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 07:56:28 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age
70875
x-cache
Hit from cloudfront
content-length
44208
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Oct 2021 16:42:43 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"acb0-5ce3ea6b5b630"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
r3mWMnu4Am4X_2sltBRQSPML1pNf6qW7pTple85yC-eL4e37wcqKIg==
expires
Fri, 11 Nov 2022 07:56:28 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (frb/67DF)
Age
1181
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
parler_white.png
hnwebcontent.s3-us-west-1.amazonaws.com/oann/wp-content/uploads/2020/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hnwebcontent.s3-us-west-1.amazonaws.com/oann/wp-content/uploads/2020/11/parler_white.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.112.161 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cb34d27bca125b742bee85f479c0bb789630c9f12410df9f4913de21d474a256

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
Last-Modified
Thu, 03 Dec 2020 23:16:17 GMT
Server
AmazonS3
x-amz-request-id
QEMSR8TP21AV2NCH
ETag
"ac1957a97afa875c971a0bf906361564"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1922
x-amz-id-2
Gf1NJtEjrq+xusLyRSQ2QPGJ6+cBuvdTuJgQnxD0lkSlaNf7CeCnwnsqmIq4cR/BhzxHYQbUVr4=
07-01-2021_FreeTalk45_LARGE.png
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/07/ 		468 KB
469 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/07/07-01-2021_FreeTalk45_LARGE.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
279165340fde9c5e5ace9ac2edd77824664af98da8f6e0f55c6b4a7cdea822df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:59:46 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age
117477
x-cache
Hit from cloudfront
content-length
479542
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 02 Jul 2021 16:34:27 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"75136-5c62687724498"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
ozbJr5PfQbtDYUrJNwod2eKHHQLFE14Bv7hYYfyYa99erMnAhZPTAA==
expires
Thu, 10 Nov 2022 18:59:46 GMT
load-widget.js
cdn.pixfuture.com/cw/ 		35 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cw/load-widget.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29201e2275ecd3faf6436840999293d1c29403a6e6b1d7ad010553c0a91e5e68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Nov 2021 19:12:49 GMT
server
cloudflare
age
30218
etag
W/"618ac831-8b9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz%2FTI%2F1GClQm%2B8GySgP5KazrHpL%2F3YgC5Rynj2%2BFT%2B5cABmeeDGx%2B%2BWi07HMnPTnPtCjTTmk1qVUIlhRC4vv1wnqFqIoGsTCC0ZLElLZdfMCFs0I7rmQh25DVq94l4nAONM0hLYPRPbCD6JcwkNm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Sat, 13 Nov 2021 19:13:09 GMT
cache-control
public, max-age=2678400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6accb92d8a3b0609-FRA
cf-bgj
minify
comment_count.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/ 		889 B
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:54:58 GMT
content-encoding
gzip
age
117765
x-cache
Hit from cloudfront
content-length
440
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 May 2021 16:55:47 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"379-5c366bf51f060-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
LTzxkQigL_a_n9kp9oHyCGtE9wuEDsWlCjhuRnMZsNF7p4IIpbz_Sw==
expires
Thu, 10 Nov 2022 18:54:58 GMT
comment_embed.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/ 		1 KB
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
556172885a172763c715eace05597d5575ee4d4f2df6b61d723f4666b0a730a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 10:05:10 GMT
content-encoding
gzip
age
149553
x-cache
Hit from cloudfront
content-length
519
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 May 2021 16:55:47 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"4d0-5c366bf51adf8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
KUmH5ph6qQTA_AHII6JH1DU5p9Ggu3rEcrVeEJ2D8mdVQKXzsRWFlQ==
expires
Thu, 10 Nov 2022 10:05:10 GMT
longdesc.button.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
7d7f79852df44c08a9884dc38e91e18bcff7592516a815af7d8bd4041412be68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 10:05:35 GMT
content-encoding
gzip
age
149528
x-cache
Hit from cloudfront
content-length
873
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Nov 2021 18:02:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"ae0-5d05ee9332a48-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
LyLn4F_67Ch7CQtxGn5UZf0JTpayc8P78pogi-nPfdNJd9EQr8ZORw==
expires
Thu, 10 Nov 2022 10:05:35 GMT
current-menu-item.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		138 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/current-menu-item.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 08:42:35 GMT
content-encoding
gzip
age
68107
x-cache
Hit from cloudfront
content-length
121
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Nov 2021 18:02:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"8a-5d05ee933af18-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
B_XL9Tp-5TVtuEPBpEYWo_mQKtb8TAGlIS0ekc7RhBYLnMm9cvzg9A==
expires
Fri, 11 Nov 2022 08:42:35 GMT
comment-reply.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:55:00 GMT
content-encoding
gzip
age
117763
x-cache
Hit from cloudfront
content-length
1346
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Jun 2021 15:24:06 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"ba8-5c5d5147ef1f8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
9Y0glmx1Zf-cEJhagNyGwVCPXQ74hwakBZsUgq2Mhf5iKXOF8pa9mw==
expires
Thu, 10 Nov 2022 18:55:00 GMT
wp-accessibility.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		915 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/wp-accessibility.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
dab4e8e5049584bfe935b784b24f987bb12df253a775384fd355cf733b2d53d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 19:02:21 GMT
content-encoding
gzip
age
117322
x-cache
Hit from cloudfront
content-length
377
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Nov 2021 18:02:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"393-5d05ee9347650-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
4FKa52JgoYVj5oqU5rvqc-R_XmK6R_ezuXjBooB2HZVL2qyA0QyBbQ==
expires
Thu, 10 Nov 2022 19:02:21 GMT
wp-embed.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 10:02:46 GMT
content-encoding
gzip
age
149697
x-cache
Hit from cloudfront
content-length
765
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:29:08 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"592-5badc5fefe8f8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
J0de6jHh0owNJBbJToIwEJSYIANN_DYBI_WvAux4kcqsR-XGw-blkg==
expires
Thu, 10 Nov 2022 10:02:46 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3197
etag
W/"d24a6d0ec1286eeadae131b33275a983"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6accb92d6fd94e3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 15 Nov 2021 03:37:43 GMT
cookie-consent.js
www.privacypolicies.com/public/cookie-consent/3.1.0/ 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.privacypolicies.com/public/cookie-consent/3.1.0/cookie-consent.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a100f564ded3c93fd598b36241490797749f34b6106b8d6d5a03e0ac0138599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2283
x-priority
5/n
x-z
3246
last-modified
Fri, 12 Nov 2021 01:49:35 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
sameorigin
etag
W/"7c360cbf344e92c7325b35638c0544d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BZL%2B4whA0xjeJRIvNzb8EoM3Qf1qFMMOb70ClWhNQM5SigJVCbwBB6wqP2guNLxR4V9IUC7xr5iDEbEaD2zDLQYWSH%2FAadr5MCqC0%2BmP6dsu0Ke%2BU8i5A%2FFsAR1Zl6AeFICXdco51We8r25NIssFwnobzLY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, immutable, max-age=3600
cf-ray
6accb92d6af55b9e-FRA
expires
Fri, 12 Nov 2021 03:49:35 GMT
adsync.js
oann-push.s3-us-west-2.amazonaws.com/ 		622 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oann-push.s3-us-west-2.amazonaws.com/adsync.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.197.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
30ad7518daae9ffbd368abe59ea5ee79784e4ef502c36d0db941d4d2a246d5bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
Last-Modified
Tue, 09 Mar 2021 01:45:42 GMT
Server
AmazonS3
x-amz-request-id
QEMTGREG82RBA6FN
ETag
"3f588733175c8e01d163f4eeac186863"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
622
x-amz-id-2
6MudJ2PqVW3j3MwML/Dd5y2s2UH28/1tmgQUEPU0bXRDfSr/hOEWLU2dHCj3U51EouZX0iexyJM=
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98105905-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5797
date
Fri, 12 Nov 2021 02:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Nov 2021 04:01:06 GMT
gtm.js
www.googletagmanager.com/ 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14d8652ed0f92c5935b9bab14a9544401ebe915c88707c932771c8d8f810a47a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30791
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Nov 2021 03:37:43 GMT
pollembed.js
scripts.poll-maker.com/3012/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.poll-maker.com/3012/pollembed.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1aa48a9de85d1a16d46de251581f3e393675dc13ee98af91e43dd1dee0ef3cf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
89289
x-powered-by
ASP.NET
last-modified
Tue, 26 Oct 2021 21:36:19 GMT
server
cloudflare
etag
W/"ef73c283b1cad71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvgP7gKaG1Eqd9kFah7DPHE%2BVcFtVojVfrL2hUzP%2F7QAVgAGdb6srALCIGLTy6f6R8VYJ9dU012tTAUDnUNypTKQYBWoRSXnPOID%2FxKIKv%2BULWW4roxiMLyXdZGLyGfW59nLUKehTVa4Fn3yOiU6pDswIMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
6accb92da8b84de2-FRA
cf-bgj
minify
background-takeover-plain.jpg
d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2018/12/ 		215 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2018/12/background-takeover-plain.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-81.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d837a8bd2d9d0030c7dc50304ecc5f7c83ca5d0992cf58eecd61079d35f83dba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 06:20:25 GMT
Via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 04 Dec 2018 16:21:00 GMT
Server
AmazonS3
Age
6297439
ETag
"2dc2b57c085e8e5b146b6aa613340775"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
220138
X-Amz-Cf-Id
wTBYjmOfNR1c0C6qMcB_-k4Ojm-bZ_SjndPPwLHKXG5jgNtIs8SOMQ==
Expires
Wed, 04 Dec 2019 16:20:59 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 02:22:57 GMT
x-content-type-options
nosniff
age
90886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 02:22:57 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 04:07:41 GMT
x-content-type-options
nosniff
age
603002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32960
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 04:07:41 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v12/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 09:57:27 GMT
x-content-type-options
nosniff
age
150016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29400
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 09:57:27 GMT
asdaf-656x437.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/asdaf-656x437.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
137c0416ec641d0d523a0bd4c8d68d03c3de580545ca756a25255a6532bc5155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:14:31 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age
1392
x-cache
Hit from cloudfront
content-length
28861
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Nov 2021 03:03:48 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"70bd-5d08eb5491b90"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
KEpcFDtEdJvIZWFiJUGUTeQY7qtjeGT1a6tpXa0B4ZSoZ2RjVdnzVw==
expires
Sat, 12 Nov 2022 03:14:31 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
17532769
cdn-cachedat
2021-04-23 07:12:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56780
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
dcae05e82b6e3d3a164b0cca6111904b
accept-ranges
bytes
cf-ray
6accb92dc9e3dfa9-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
sdfdsd.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/sdfdsd.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
a569fe02ec65c50d14570786b117a41adc594c4a924e0b4e43728ec44d57e87b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 02:07:08 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age
5435
x-cache
Hit from cloudfront
content-length
28861
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Nov 2021 02:04:47 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"70bd-5d08de22ebfd0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
ax3yH-QFKAAJvk6BAp0e3NmGYlQ4nDGeYvXo0fKbnZS3vxFWiY41uQ==
expires
Sat, 12 Nov 2022 02:07:08 GMT
dghf-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/dghf-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
b81b1b23f846c683e794ab0aaef7ddec499721e3f8941ab37e6587794d1309bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 01:27:18 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age
7825
x-cache
Hit from cloudfront
content-length
4353
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Nov 2021 01:23:55 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"1101-5d08d500feb60"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
HuhPAiX-SIYEvWeJ4ezvwIeuP5RPgdkw7W41ghzqGLRQFkzaN8LVDA==
expires
Sat, 12 Nov 2022 01:27:18 GMT
kdjlkds-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/kdjlkds-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
dc44d654c412b485a7400ada34d96858a48749b2adb29c4aefc86db1d2bacc92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 01:05:05 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age
9158
x-cache
Hit from cloudfront
content-length
3859
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Nov 2021 00:57:23 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"f13-5d08cf125f220"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
uT2rNa0MSnmS0zM-O83hl34t5wxbGAACQ8AQw1P95dWQCZUbF6O6BQ==
expires
Sat, 12 Nov 2022 01:05:05 GMT
ADMINS-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/11/ADMINS-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
2962366af5f14c37bae31a5b4a50c018178b239b00d48bff335e28d4142637f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 02:37:19 GMT
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
age
3624
x-cache
Hit from cloudfront
content-length
3356
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Nov 2021 02:28:46 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"d1c-5d08e37f3cfa0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
o0OQ0m8N4iemeuUFEnQV6jdGJLMm2MVWkhyll3CPVHtK00PpNNWNow==
expires
Sat, 12 Nov 2022 02:37:19 GMT
count.js
oann.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oann.disqus.com/count.js
Requested by
Host: dzm0ugdauank9.cloudfront.net
URL: https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
275
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 09 Nov 2021 19:37:00 GMT
Server
nginx
ETag
"618acddc-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
akoJyCmTDxkZvAhuHSww7jBAK3yr9-HSQacCZOyyktHgr40uQThiow==
embed.js
oann.disqus.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oann.disqus.com/embed.js
Requested by
Host: dzm0ugdauank9.cloudfront.net
URL: https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
5831cf65691e9641ba88d67fecf90d415d799b5b8b8f5fcc8627bde2bdea0f87
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:43 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24627
Cross-Origin-Resource-Policy
cross-origin
sdk.js
connect.facebook.net/en_US/ 		285 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=492da97606e72e8a7cc17e2ea0f672c3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50220e17cab884e8434ddebac500b7f0954f16911908d2eb70608b8994ec10ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
d6ziv97NpAozuklkPaoA1A==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82875
x-fb-rlafr
0
x-fb-debug
adRQGjsvr3u0b9EwSH4600CUWx8/xkKFEsDMzW0vO7eHPM1kduBnlw1RbC03TZ81U4+i5VPp3GoMk3aFaE+AUA==
x-fb-trip-id
917726464
x-fb-content-md5
509e64224c89ade4bab1238ce871fa3f
x-frame-options
DENY
date
Fri, 12 Nov 2021 03:37:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"ad2f4342213bf702d9bb7a482a994edb"
timing-allow-origin
*
expires
Sat, 12 Nov 2022 00:39:23 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3509
etag
W/"f5b476c39d3850a1e9c745df927a7adc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6accb92de83c4e3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 15 Nov 2021 03:37:43 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Nov 2021 03:37:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		133 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.oann.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1c16d359799173133e18a819d52cc11f512cf022753f70835260515ef8142a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102
x-xss-protection
0
expires
Fri, 12 Nov 2021 03:37:43 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 02:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 12 Nov 2021 03:49:06 GMT
pxf_4195x73.min.css
cdn.pixfuture.com/content_widget/ 		1 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/content_widget/pxf_4195x73.min.css?pxft_v=4027889815304525
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b42eeab1e47440d5c643843a8da40cb28c8ba0bb3e930b5d99281a8dea5772f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 19:37:19 GMT
server
cloudflare
etag
W/"61897c6f-4b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BagUc6aw4keWKTpSWC%2FbFQef0eZ8OwoTKjsrsI%2FJ2w05UNQW%2FydygfT74WDX7tMVXIqry5XcXukZEiBr0AeIuZkPD8KeB52w2cvpfJhQPZxH2P90asKs1pHzQpRzEWRJoWqM7lynpOcWGV9Nw5fq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2678400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6accb92e6b110609-FRA
expires
Sun, 14 Nov 2021 03:37:43 GMT
oneamericanewsnetwork.js
cdn1.lockerdomecdn.com/embeds/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/oneamericanewsnetwork.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9200:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bae0b6cbc6f070c5e7422511065ecb1afe95c4bb3bdda660101d1a031f8b53e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 03:55:14 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
last-modified
Tue, 03 Aug 2021 18:08:23 GMT
server
AmazonS3
age
85350
etag
"217a6f61f92769a8ad90bdab4c5fc311"
x-cache
Hit from cloudfront
x-amz-version-id
YKOZ_CbDLzvh9brOewYKJgL.OuvZpLLw
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
application/javascript
content-length
7977
x-amz-cf-id
_JmAy17wCc6qsr_pgISS7hazvQiR8x0PZfSERX1m1yf6g6xYx8hrdA==
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54f7550fb5c53daaf188123be7a73c666dbcff4f38f8b67af2b659106c3117d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6accb92eb91f5b5c-FRA
date
Fri, 12 Nov 2021 03:37:43 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 09:32:10 GMT
server
cloudflare
age
7517
etag
W/"d74-5d0800450dc75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Fri, 12 Nov 2021 02:32:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4b08b4c83b80b97cad34596332e5222d097e42f9056d6d6e850ccc4816aa38b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51382
x-xss-protection
0
server
cafe
etag
2747890138197355193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 03:37:43 GMT
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=879539519&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&ul=en-us&de=UTF-8&dt=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe%20%7C%20One%20America%20News%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=166264039&gjid=1340611653&cid=117753250.1636688263&tid=UA-98105905-1&_gid=739424706.1636688263&_r=1&gtm=2ouba1&did=dNDMyYj&gdid=dNDMyYj&z=494438153
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/3dafbfb4-c98b-47f2-b7c2-0bf087623d4e/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/3dafbfb4-c98b-47f2-b7c2-0bf087623d4e/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e794c04b637d0ab7344e0f70a3c85656bdaf55c59ec00a9ec8c046cfff2f70d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
241
cf-polished
origSize=3421
status
200 OK
x-envoy-upstream-service-time
28
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5fdce5f0-a792-40a1-b630-9de4704a5946
x-runtime
0.026928
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d107f6d5548d1adc5c897f1903698b79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6accb92ef8f64e3e-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 12 Nov 2021 04:37:43 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-98105905-1&cid=117753250.1636688263&jid=166264039&gjid=1340611653&_gid=739424706.1636688263&_u=aGBAAUIgAAAAAC~&z=488574390
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Nov 2021 03:37:43 GMT
content-type
text/plain
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.oann.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.oann.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1643653831836636&correlator=3704093600517581&output=ldjh&impl=fifs&eid=31060838%2C31063214&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=21742901137%2COAN%2CSidebar_1%2CSidebar_2%2CSidebar_3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=300x250%2C300x250%2C300x250%7C300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1636687023&dt=1636688263151&dlt=1636688262668&idt=455&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C1016&adys=-9%2C-9%2C1068&adks=2798086097%2C915572114%2C2439424719&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C373x0&msz=0x-1%7C0x-1%7C373x0&ga_vid=117753250.1636688263&ga_sid=1636688263&ga_hid=879539519&ga_fc=true&fws=2%2C2%2C4&ohw=0%2C0%2C373&btvi=-1%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f16325589ca7976fc981f1ddf10121f470164bf6c326694632c5288e8a608a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11756
x-xss-protection
0
google-lineitem-id
5684949964,5683939159,5684028633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349074352,138348502562,138349077196
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d75550029ba183372abcd49096ced8df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4F7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d75550029ba183372abcd49096ced8df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 12 Nov 2021 03:37:43 GMT
expires
Sat, 12 Nov 2022 03:37:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ 		2 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_4195x73.min.css?pxft_v=4027889815304525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4236ada867af85bf8aed5839abd0d5caf64eb90f4e160c8b5f5981a7fa1a538e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pixfuture.com/content_widget/pxf_4195x73.min.css?pxft_v=4027889815304525
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 03:37:43 GMT
server
ESF
date
Fri, 12 Nov 2021 03:37:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Nov 2021 03:37:43 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98105905-1&cid=117753250.1636688263&jid=166264039&_u=aGBAAUIgAAAAAC~&z=995535059
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-98105905-1&cid=117753250.1636688263&jid=166264039&_u=aGBAAUIgAAAAAC~&z=995535059
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sjs.js
cdn1.lockerdomecdn.com/embeds/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/oneamericanewsnetwork.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9200:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.wYtctBP_XBnIa5iny.dScquLAjeZQyF
via
1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:45:53 GMT
server
AmazonS3
age
8960
etag
"4b1238444af4e820876b6750a0d87dbf"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 12 Nov 2021 01:11:39 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
17533
x-amz-cf-id
uIHQi2WvWh8Qqxzi4u_iz95IHHrpSoyTN0ifWHOOrSg1HcKSmfXULA==
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/oneamericanewsnetwork.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5200:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
989a1ca3de18cdb86b7ab664351121e8a469c04c1a76e806510f2efab660c28b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 14:12:22 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 21:12:02 GMT
age
48321
etag
W/"152c-17d068b24ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a5a8e743f28968822c126102a78bb7c7.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
xF3DGoLMkE0ouktFWBBYgHTaxMtvMecNTRqNp_AvaFFO8kjpjvMHtQ==
ice.js
resources.infolinks.com/js/1764.004-3.025.ab.1766.011-3.025/ 		462 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1764.004-3.025.ab.1766.011-3.025/ice.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec557ed8555d3cb93e4466a2637e8bbc8a20efe8aa5aa102544cc168102d7fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6accb92f598a5b5c-FRA
date
Fri, 12 Nov 2021 03:37:43 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 08:35:24 GMT
server
cloudflare
age
9833
etag
W/"73765-5d06b1b73e8c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sun, 12 Dec 2021 00:53:50 GMT
lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 19:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808355
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26057
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 02 Nov 2021 18:16:01 GMT
server
nginx
etag
"61818061-65c9"
content-type
text/css; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Wed, 02 Nov 2022 19:05:08 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
U4yExwg03xyvUEL216Cu5TH_0MdOmn4ZUDbzX_shAfvkgOqpfke1yA==
x-cache-hits
0
common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 14:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1515133
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94779
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 22 Oct 2021 00:26:02 GMT
server
nginx
etag
"6172051a-1723b"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 25 Oct 2022 14:45:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
KyjYtB8ITa0L4MtUakUEH8Y_o8Kcqi1yjKm0AZ4rdMKD5TJbttEbug==
x-cache-hits
0
lounge.bundle.00efd9d3730bb84ed1ca64779ee82e9a.js
c.disquscdn.com/next/embed/ 		0
119 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.00efd9d3730bb84ed1ca64779ee82e9a.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 18:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205400
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
120902
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 09 Nov 2021 18:08:36 GMT
server
nginx
etag
"618ab924-1d846"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Wed, 09 Nov 2022 18:34:23 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
3HBbG4bBc0R9q-Br_QI9UTvCC2IpzOX0RzqBmp1InNsgvsURoZ7ZhQ==
x-cache-hits
0
config.js
disqus.com/next/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:43 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
25
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
13683
X-XSS-Protection
1; mode=block
recommendations.js
oann.disqus.com/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oann.disqus.com/recommendations.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
326d45f48fbcd78c8f93975cbd92fb5b67b062ee4662bc0d9fa5826327aed2f5
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:43 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router_gunicorn
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
20891
Cross-Origin-Resource-Policy
cross-origin
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 0FC5 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 11 Nov 2021 08:20:20 GMT
expires
Thu, 25 Nov 2021 08:20:20 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
69443
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
13804039184004198
lockerdome.com/lad/ Frame F4E4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13804039184004198?pubid=ld-13804039184004198&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=374
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 12 Nov 2021 03:37:44 GMT
13247072555993446
lockerdome.com/lad/ Frame 7126 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13247072555993446?pubid=ld-13247072555993446&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 12 Nov 2021 03:37:44 GMT
13247071683578214
lockerdome.com/lad/ Frame F33F 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13247071683578214?pubid=ld-13247071683578214&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 12 Nov 2021 03:37:44 GMT
manage
router.infolinks.com/usync/ Frame B85E 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1764.004-3.025.ab.1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3806b2818724156cfafd1ac4f55f7af017ec8e067e64378c20b0cba71877b65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb9304a545b5c-FRA
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1764.004-3.025.ab.1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6accb9304a565b5c-FRA
content-length
0
gsd
router.infolinks.com/ 		0
34 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&jsv=1764.004-3.025.ab.1766.011-3.025&_cb=16366882633250
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1764.004-3.025.ab.1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb9305a585b5c-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
/
disqus.com/embed/comments/ Frame 2DCF 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e5e71f609207e1f387db728ac3a8ee88a53cd4e2dc33573c0fbf8541fa5e00ba
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Connection
keep-alive
Content-Length
2955
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Fri, 12 Nov 2021 03:16:57 GMT
ETag
W/"lounge:view:8875651269.cf649c61a05746e5346f844d9398ad39.2"
Referrer-Policy
no-referrer-when-downgrade
Content-Encoding
gzip
Date
Fri, 12 Nov 2021 03:37:43 GMT
Age
0
Vary
Accept-Encoding
Cross-Origin-Resource-Policy
cross-origin
Strict-Transport-Security
max-age=300; includeSubdomains
/
tempest.services.disqus.com/ads-iframe/taboola/ 		28 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=oann&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231f1e1e&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&typeface=serif&canonicalUrl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&disqus_version=current
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
58cf8489a2f6023e23bd078d2097b544947563d09741fc8e3d877dc7bd03b870

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:43 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding,
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
X-Service
router_gunicorn
Connection
keep-alive
Content-Length
9388
Cross-Origin-Resource-Policy
cross-origin
event.gif
referrer.disqus.com/juggler/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=65ug7plqaf8nl&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=oann&zone=thread&version=54ad8400991b5238623186955f09564c&page_url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4468287
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 21:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2096058
x-cache
Hit from cloudfront
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 18 Oct 2021 21:05:37 GMT
server
nginx
etag
"616de1a1-ba2"
content-type
text/css; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 18 Oct 2022 21:23:25 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
86PH7ywOII6ewPJ0jbwhLHFuV3QGfZUuU0ylU9MuS8Y8akRKpnZ95Q==
x-cache-hits
0
common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
c.disquscdn.com/next/recommendations/ 		0
87 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 21:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2096058
x-cache
Hit from cloudfront
content-length
88862
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 18 Oct 2021 21:05:37 GMT
server
nginx
etag
"616de1a1-15b1e"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 18 Oct 2022 21:23:25 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
6xnA-x8j1TpsG6UA8nQLP-ZsJLUyRgl6AtQrKBYmI5P1cQLibwkSMg==
x-cache-hits
0
recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 20:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2704320
x-cache
Hit from cloudfront
content-length
20244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 11 Oct 2021 20:15:56 GMT
server
nginx
etag
"61649b7c-4f14"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 11 Oct 2022 20:25:43 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
d9rFfEWg9FoffORuukrIX6TVcrpJQb5fuWdoFK4jLREo4HOskWU1ZA==
x-cache-hits
0
/
de.tynt.com/deb/ Frame 07F5
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Sat, 13 Nov 2021 03:37:44 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Fri, 12 Nov 2021 03:37:43 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Fri, 12 Nov 2021 03:37:43 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame 8394
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3d79329e6529c7ac5dd55fdbc5221cc4433c2378c5dc1a22dd2d3733df13db05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|206|111|51|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1632
Expires
Fri, 12 Nov 2021 03:37:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:43 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 12 Nov 2021 03:37:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:43 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 5BF8 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc3NThFNTgtQTZGRS00RUU1LUEzRTQtOEE5QTc4MEIzMzZE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DF7758E58-A6FE-4EE5-A3E4-8A9A780B336D
  • https://router.infolinks.com/dyn/pbm-usync?uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
6accb934bdd05b5c-FRA
content-length
0
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
date
Fri, 12 Nov 2021 03:37:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=7051991869510472897
35 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=7051991869510472897
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb9324bed5b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:43 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2374a956-ffb5-46bc-9325-6761f3cce461
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=4be39d0c-5552-4334-ba89-a428969abc89
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=4be39d0c-5552-4334-ba89-a428969abc89
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb9324bea5b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

date
Fri, 12 Nov 2021 03:37:43 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://router.infolinks.com/dyn/ox-usync?uid=4be39d0c-5552-4334-ba89-a428969abc89
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
VR-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
35 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb9320ba85b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7293018513
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7293018513
  • https://sync.1rx.io/usersync/tradedesk/c6f7b90a-8be6-489e-aed8-3443d34fbebe
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb934bdce5b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
date
Fri, 12 Nov 2021 03:37:44 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd09719eb9e0b4fa7b0cfb78a75f3cf54003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb9343d6d5b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame B85E 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame B85E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-oke...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.oann.com%25252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-p...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&pid=12306&adnxs_uid=705199186...
95 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&pid=12306&adnxs_uid=7051991869510472897
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
HTTP/1.1
Server
54.77.45.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-45-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 12 Nov 2021 03:37:44 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 12 Nov 2021 03:37:44 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
74565434-0b4b-4ca0-bea5-ba6f15deba72
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&pid=12306&adnxs_uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame B85E 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
outh-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
  • https://router.infolinks.com/dyn/outh-usync?uid=y-KhzSmu1E2uH3tu0eyeeWQGgQucq1QaOI~A~UPe54983f6-4369-11ec-a004-02c1570f7238
35 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-KhzSmu1E2uH3tu0eyeeWQGgQucq1QaOI~A~UPe54983f6-4369-11ec-a004-02c1570f7238
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb9328c155b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-KhzSmu1E2uH3tu0eyeeWQGgQucq1QaOI~A~UPe54983f6-4369-11ec-a004-02c1570f7238
date
Fri, 12 Nov 2021 03:37:44 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
match.bnmla.com/ Frame B85E 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=f84f02358cfc80548d3f33c7
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=f84f02358cfc80548d3f33c7
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb9345d8b5b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT

Redirect headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=f84f02358cfc80548d3f33c7
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DF7758E58-A6FE-4EE5-A3E4-8A9A780B336D
  • https://router.infolinks.com/dyn/usersync?pmuservalue=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
6accb9341d565b5c-FRA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
date
Fri, 12 Nov 2021 03:37:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
iq-usync
router.infolinks.com/dyn/ Frame B85E 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6accb932ec5a5b5c-FRA
content-length
0
zeta-usync
router.infolinks.com/dyn/ Frame B85E
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=1991787311400296336
35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=1991787311400296336
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb93889815b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:45 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=1991787311400296336
Date
Fri, 12 Nov 2021 03:37:44 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame B85E 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.177 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip177.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-33x-status
2000208
date
Fri, 12 Nov 2021 03:37:44 GMT
server
33XP002
lounge.load.54ad8400991b5238623186955f09564c.js
c.disquscdn.com/next/embed/ Frame 2DCF 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.54ad8400991b5238623186955f09564c.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0196cfc8f556d47bd607f54161d7333ae82128ef857e827e31c512306f9903ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 18:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205400
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
497
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 09 Nov 2021 18:08:36 GMT
server
nginx
etag
"618ab924-1f1"
content-type
application/javascript; charset=utf-8
via
1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
expires
Wed, 09 Nov 2022 18:34:23 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
ETN5Dyob4OoXQ7y2RCd9Nq1E3ccqK71WcqqRSb9m7FORQL0rjCmaUQ==
x-cache-hits
0
cw_style.css
cdn.pixfuture.com/cw/ 		25 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cw/cw_style.css
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
367b336953d10eea5173c10869a8a0b913a5f473d6a172741d46955afbe9b516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32540
cf-polished
origSize=25502
cf-bgj
minify
last-modified
Tue, 09 Nov 2021 18:34:13 GMT
server
cloudflare
etag
W/"618abf25-639e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNbj3F1siGE1E%2FEIp3QNQDK%2BDG9NYs0yC%2FxlmhAMYgwTPKl0Yi1zmNCepNxiTkf6BgCKUVAM3wXHUV8iQYMMypl3YWvCgBy78sRf%2BHKn1OrjFdSL%2B5l%2BnL4DYWAA2KtdgAfU9L8qn3v8sQiUZ%2BEZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2678400, no-transform
cf-ray
6accb9316d810609-FRA
expires
Sat, 13 Nov 2021 18:34:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3239 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukY8RXlZ8O1lkullNR9e_xj_CXZ5vklpWmop_tNhdc7HlC1VFmfk8QCUjgKJhGsS1gb3r7woplSCxGT-cvd7PE2BP8keyJjGwjjR2yWBL2t5OTEeKwT8OVaYdH7-8qZazUcudCw4xm6XOI3Ceto0JEtGD9A7rP8fjPTxSbD6vzhGFytylOonuj4WmCS4Vm8mTFSgVg1loOeX_0pmMDOC-F-dYaX29GAEfFs1GwY9bvR90q2h29t1QYSj88ciKcJGyikAWH6ipKKaYdfYRGUICRseuPX7vzOFGjx09kQf6FernoJrR-mnZHNF9rk_A&sai=AMfl-YT5bPz0suOTa4Qn6bfPa2C6EGd9fmOSdB8MDHz_tVlnhgXpUHzE5pUrn41ew01B_b9J7BmT4omCIeQYVl6EmkoQtTDKouAGASS18b2ekWJuNUZnjHuKmofCFnDitMU&sig=Cg0ArKJSzOlMy_fi6XyZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Nov 2021 03:37:44 GMT
headerbid.js
served-by.pixfuture.com/www/delivery/ Frame 3239 		973 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
last-modified
Tue, 02 Mar 2021 20:36:48 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"603ea1e0-3cd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
973
expires
Sun, 14 Nov 2021 03:37:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3239 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Nov 2021 03:37:44 GMT
/
disqus.com/recommendations/ Frame 8070 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55ec41b5c759372819d3a13fa2683b3d1372d871e445f19952c86a26e6b2ba4a
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Connection
keep-alive
Content-Length
2425
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Wed, 10 Nov 2021 18:16:35 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 12 Nov 2021 03:37:44 GMT
Age
0
Vary
Accept-Encoding
Cross-Origin-Resource-Policy
cross-origin
Strict-Transport-Security
max-age=300; includeSubdomains
loader.js
cdn.taboola.com/libtrc/disqus-network/ Frame 132F 		643 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f1e92edea86889c5da671420464709cd9c01be51e8625864c6d1daf11fb3f1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
9EXP4lQTIMaOcrkOHg4.oOGNPSTenb2j
content-encoding
gzip
etag
"6e44c6debd4f884b8b819971115e33d7"
age
44
x-cache
HIT
content-length
147346
x-amz-id-2
4tfkPbatQymkMh+dFZt6WZHwkz1gwEfnHrW5ERk84DJ/7tMcP4gt4ZTraVs+m/7GAkOnjTzVmgw=
x-served-by
cache-fra19166-FRA
last-modified
Wed, 10 Nov 2021 14:35:23 GMT
server
AmazonS3
x-timer
S1636688264.058055,VS0,VE0
date
Fri, 12 Nov 2021 03:37:44 GMT
vary
Accept-Encoding
x-amz-request-id
GYRFBAZAB58GVTZH
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
71
x-cache-hits
2
gcws.php
served-by.pixfuture.com/www/delivery/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/gcws.php?affid=4195&wid=73&ref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
69e615dc963e9890b35ca128ee5f0ff61730b0de2922ec6ff59924fa706f358d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 14 Nov 2021 03:37:44 GMT
common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ Frame 2DCF 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.54ad8400991b5238623186955f09564c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 14:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1515134
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94779
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 22 Oct 2021 00:26:02 GMT
server
nginx
etag
"6172051a-1723b"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 25 Oct 2022 14:45:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
k_LdmeG6lc7W5lXY7qS0r0DIOJFNrJyzsbIm54CFc-up30Y2U2RcjQ==
x-cache-hits
0
c9bc6c7d7c2051898c0290380dfc5978.jpeg
cdn.pixfuture.com/content_widget/logos/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/logos/c9bc6c7d7c2051898c0290380dfc5978.jpeg??pxft_v=15881264295688636
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/content_widget/pxf_4195x73.min.css?pxft_v=4027889815304525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b06f6eded11ff8b7479fc181ceecb377f3513b886274c301b0e92a731311667

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.pixfuture.com/content_widget/pxf_4195x73.min.css?pxft_v=4027889815304525
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115072
cf-bgj
h2pri
content-length
15694
last-modified
Fri, 05 Nov 2021 16:52:39 GMT
server
cloudflare
etag
"61856157-3d4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSbm56aLMaNJ0x%2B7wSt9vX9SGgWUS9GiTalRuVlu6PMrTrifiHLRffgjSHw7QYHp%2FJDGxp57I6HFdg7Cs2SeE4bIVcUshZPV5DZnY%2Ft5hN%2FUi5o7O1pB6TaicLN6LUTjyxETWzoaiFtpY5GKoqEW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb9324e340609-FRA
expires
Fri, 12 Nov 2021 19:37:21 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v7/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v7/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:49:48 GMT
x-content-type-options
nosniff
age
118076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16652
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:58:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 18:49:48 GMT
14262018928489574
lockerdome.com/lad/ Frame 3B69 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14262018928489574?pubid=ld-14262018928489574&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=1560
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Fri, 12 Nov 2021 03:37:44 GMT
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame C3C3 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.oann.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
187307
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Nov 2021 03:37:44 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6711)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
usermatchredir
ssum-sec.casalemedia.com/ Frame 8394
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8394
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5260556DAJHP8H15CDER
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WV091DPVAFJEN3EF9X40
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8394
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YY3hh-hBgT.uGKmO4CBSjQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDNsXh2tMPR6aZuAd9_tMaI&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDNsXh2tMPR6aZuAd9_tMaI&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDNsXh2tMPR6aZuAd9_tMaI&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8394 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 8394 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame 8394 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
x.bidswitch.net/ Frame 8394 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ix-usync
router.infolinks.com/dyn/ Frame 8394 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6accb9336cba5b5c-FRA
content-length
35
expires
Thu, 12 Nov 2020 03:37:44 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 6103
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-249-39.compute-1.amazonaws.com
Software
/
Resource Hash
e7901b9815a7d439aff721b6e19824fef964eda8d4fac16d2fd675e5d9763992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 12 Nov 2021 03:37:44 GMT
pragma
no-cache

Redirect headers

date
Fri, 12 Nov 2021 03:37:44 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
truncated
/ Frame 3239 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4f47f9a48f357e3dd9cb87e83ad0034056a120e99c5846664bf93a012a4dbf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
impl.20211110-1-RELEASE.js
cdn.taboola.com/libtrc/ Frame 132F 		600 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c1953f92894756642d3835b2417dea2ca6d28ee2c1b0a7107046e563f8eb6c03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
xm92VpRlouX_0owrfpVq6L_HQcDwq9hy
content-encoding
br
etag
"721c4c5ab7934a71b7571784f754b2f1"
age
6082
x-cache
HIT
content-length
125284
x-amz-id-2
Y3oFok3tIDcH9pJJpr1Oq4dMUPRvARQKArRFHGAlrJ7Oa8RpOzdjUOPXv58G71iXmjssQ3ic6wU=
x-served-by
cache-fra19166-FRA
last-modified
Wed, 10 Nov 2021 09:56:22 GMT
server
AmazonS3-br
x-timer
S1636688264.357898,VS0,VE0
date
Fri, 12 Nov 2021 03:37:44 GMT
vary
Accept-Encoding
x-amz-request-id
0K06M4D7X0P1XR3X
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
92
x-cache-hits
2515
beacon.js
sb.scorecardresearch.com/ Frame 132F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 03:38:09 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
86376
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
IYh7i9g1iWVO6CpBVoCFcwlZ7bwM1hBevohJGBmTNcMVNajZxK6clg==
lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
c.disquscdn.com/next/embed/styles/ Frame 2DCF 		165 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
60c6565dc4af986490c60907f5c62642b3435afee9b6ee2af562becfe62f32aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 19:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808356
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26057
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 02 Nov 2021 18:16:01 GMT
server
nginx
etag
"61818061-65c9"
content-type
text/css; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Wed, 02 Nov 2022 19:05:08 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
RNTUvAEYxTvxlG1zLJuXZjy4VGXWgAV9a1y6tdmHxKqMyoJ_IJVT2Q==
x-cache-hits
0
1584a464a8a148391b5fb6bbdbbd673f.jpg
cdn.pixfuture.com/content_widget/ 		604 KB
605 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/1584a464a8a148391b5fb6bbdbbd673f.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac00f312350cd2b09ce67f834aa731eb8efffb4b9ab8f0d26842e677ab94e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4947
cf-bgj
h2pri
content-length
618118
last-modified
Fri, 12 Nov 2021 02:12:00 GMT
server
cloudflare
etag
"618dcd70-96e86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUcAizxjnGS75jnNY16Vf2Kd8hHzF7ItOoaqtLpTxPDhjAV5vhnv3f2HHEIF7Wm4rp%2FMqtuTvarLcIivHbOFgnVSD991Bvl5HbeP5FlHOsn57gCQpkUpfVobc6Jdwg5IMv1dTvIO2kFRLc39BOdG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb93488410609-FRA
expires
Sun, 14 Nov 2021 02:12:02 GMT
recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js
c.disquscdn.com/next/recommendations/ Frame 8070 		923 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 21:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2096058
x-cache
Hit from cloudfront
content-length
446
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 18 Oct 2021 21:05:37 GMT
server
nginx
etag
"616de1a1-1be"
content-type
application/javascript; charset=utf-8
via
1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
expires
Tue, 18 Oct 2022 21:23:25 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
bNVd7OIJzzLjWQLatM4qook1F0KqkO8TReZTxy60irs3dbaBs3K5PA==
x-cache-hits
0
dc.js
stats.g.doubleclick.net/ Frame F33F 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13247071683578214?pubid=ld-13247071683578214&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1424
date
Fri, 12 Nov 2021 03:14:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 12 Nov 2021 05:14:00 GMT
dc.js
stats.g.doubleclick.net/ Frame F4E4 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13804039184004198?pubid=ld-13804039184004198&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1424
date
Fri, 12 Nov 2021 03:14:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 12 Nov 2021 05:14:00 GMT
dc.js
stats.g.doubleclick.net/ Frame 7126 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13247072555993446?pubid=ld-13247072555993446&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1424
date
Fri, 12 Nov 2021 03:14:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 12 Nov 2021 05:14:00 GMT
hb_v2.js
cdn.pixfuture.com/ Frame 3239 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45df10c585e01c07a3602ed16c1c6842d2572d6b15bceff9cb1f58256d330e31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 15:09:43 GMT
server
cloudflare
age
39998
etag
W/"61533037-84f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaVBOC0d9iZZPg1qLc1SlnJnF%2F53gwPG1n%2FvHPqrMTINAxKoP1yHi%2BpwG3j6VB5bSpE1O17wPndKA1dVSiPyrsEi3XGhjksXjnEliByWELFwkFFObjF3ZNX4qBr9wXB7W15uI%2B6N9leseNv6NPEb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Sat, 13 Nov 2021 16:31:05 GMT
cache-control
public, max-age=2678400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6accb934884b0609-FRA
cf-bgj
minify
lounge.bundle.00efd9d3730bb84ed1ca64779ee82e9a.js
c.disquscdn.com/next/embed/ Frame 2DCF 		469 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.00efd9d3730bb84ed1ca64779ee82e9a.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4f540b83152e248e6e91fa4a5531491abb7617488015a8f3fd558b0ab123da72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 18:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205401
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
120902
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 09 Nov 2021 18:08:36 GMT
server
nginx
etag
"618ab924-1d846"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Wed, 09 Nov 2022 18:34:23 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
2U_QBGof9KBUZIGXezGEPhZ9qvBEvW4myBLfE8HOVGujOOyew74PUw==
x-cache-hits
0
config.js
disqus.com/next/ Frame 2DCF 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6572640d21e523ae2e62df79b201ef4956696631333f0edf0a042e9dee698b2e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
26
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
13683
X-XSS-Protection
1; mode=block
dc.js
stats.g.doubleclick.net/ Frame 3B69 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14262018928489574?pubid=ld-14262018928489574&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=1560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1424
date
Fri, 12 Nov 2021 03:14:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 12 Nov 2021 05:14:00 GMT
10d628990bdd9bbf7423f34d24ecc4c9.jpg
cdn.pixfuture.com/content_widget/ 		226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/10d628990bdd9bbf7423f34d24ecc4c9.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de0c624dcd4b5b32b884bf6351dd4adb8bce35cca074e05e2fb7a016598fc31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4946
cf-bgj
h2pri
content-length
231062
last-modified
Fri, 12 Nov 2021 02:12:09 GMT
server
cloudflare
etag
"618dcd79-38696"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJDIrdA2XQbc%2FFx2vHQqDlYJYALDq4unGVVMF1zT4XwDZ8Bd4j3j48LQ1GBnGQCGEPHQt3UxsGD2qMlMosmDSc05RXWss6kGodBIdIGTjas3QGSJ7TST%2F%2BkVKvWNaPw9xEXp08SemBt65hkxMcf%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb934a8650609-FRA
expires
Sun, 14 Nov 2021 02:12:12 GMT
7cf9267f62dd59322e067096a891593f.jpg
cdn.pixfuture.com/content_widget/ 		321 KB
321 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/7cf9267f62dd59322e067096a891593f.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e23fb9560e31703b4f578b59d8b95bbaa090e04ed41e03a88809558e433ee00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4946
cf-bgj
h2pri
content-length
328273
last-modified
Fri, 12 Nov 2021 02:12:17 GMT
server
cloudflare
etag
"618dcd81-50251"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAsoAseadvUpkgY0PG6aFi%2BkcSkJPvLPXCvDqvdhIjo3o9pwl5igPFYvRccdV4MKnjHlBsYYoAB0WVBQ7dnLIflQG5Ud2Cym3WL%2FEAawFKmuyEsK8eRj7b7msg8%2BYPWeWSGWVbamZbb3wfyTTLiN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb934b8660609-FRA
expires
Sun, 14 Nov 2021 02:12:19 GMT
471ad9ad7e6bd0768ee83943c994ca95.jpg
cdn.pixfuture.com/content_widget/ 		328 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/471ad9ad7e6bd0768ee83943c994ca95.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8cfde7308130f69a80a90b1348c7f7c77b3dfdedca2317f5ac41312fdb0527c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4946
cf-bgj
h2pri
content-length
336316
last-modified
Fri, 12 Nov 2021 02:12:25 GMT
server
cloudflare
etag
"618dcd89-521bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA8xMgC3GPXT2i2IY3ub%2F9iXyI9BA%2Fgan6gHWDJ%2FTblJRBHSw8l08Oy5PjP9B%2FwbTwDhbE4z35RKlSE%2BsLbYlLgwkT2Ad1Dt67OulVAr6eans8kh0hXjcDQWQZqVpmAXkQMDNtODP6TfiZ1kDFyf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb934b8670609-FRA
expires
Sun, 14 Nov 2021 02:12:27 GMT
b9063f5eebe1e4e399cde46c657b2cff.jpg
cdn.pixfuture.com/content_widget/ 		414 KB
415 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/b9063f5eebe1e4e399cde46c657b2cff.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b80503769f93f6a16ff30faad333d7f84dba9d9f710aeccd6bf9730b3090a656

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4946
cf-bgj
h2pri
content-length
423862
last-modified
Fri, 12 Nov 2021 02:12:33 GMT
server
cloudflare
etag
"618dcd91-677b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGfqI6GzjcfJ2k6hFbs4ztXbWtfaBjs4ErN15FYazX4E1l9iQTcJt2o9oHrP0mIQH5r%2FKJmjG8a1cermSH69VU9DMfS87Sbd9G6LsIrucC68r6%2BAjueZKy9RwhKBEBQiig8chEmloCOGNe71o13t"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb934b8680609-FRA
expires
Sun, 14 Nov 2021 02:12:35 GMT
35cb8fed85cd28120e43b50bc376a2c3.jpg
cdn.pixfuture.com/content_widget/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/35cb8fed85cd28120e43b50bc376a2c3.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7d9c1d4f1f0febaccc2e98ae2589d9e92939768a8e5b7bf54cf594d44e756c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4946
cf-bgj
h2pri
content-length
226916
last-modified
Fri, 12 Nov 2021 02:12:42 GMT
server
cloudflare
etag
"618dcd9a-37664"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32bvPu7m1R7ormurPkF4P4LSTWzoPA6fu%2BldU3OcrWQ%2FW1hkfQHTeoCbaRPBGunBP8Mulj%2F%2BVBrBkt6t0E9YQH3ZFz8Qvp3s95Q%2BtMo3Nn67e9ndLsAIvST1EQLytXfAtR5yENLdESlPdBnVIffG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb934b8690609-FRA
expires
Sun, 14 Nov 2021 02:12:47 GMT
94a4b8efe98d30df8a635bbda97d5ede.jpg
cdn.pixfuture.com/content_widget/ 		445 KB
446 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/content_widget/94a4b8efe98d30df8a635bbda97d5ede.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7c01ee2020bb9618cd98b1647ef05d7178606b6676411baa8d3effc0c564fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4946
cf-bgj
h2pri
content-length
455743
last-modified
Fri, 12 Nov 2021 02:12:51 GMT
server
cloudflare
etag
"618dcda3-6f43f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpTH2LAZkoW5cVlGgbWXWZ9LQCJa6X2rWiiQ%2BaEbQJARpJi89sGt7Lp8JIknW7q525pBWD%2F6L2AfA216X9mWihXAqRebJwDyTb9B5ELNx%2Fz2CykhLca9ngnGNQbxYarcIbblC8pFRJfVpoMelZuY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2678400, no-transform
accept-ranges
bytes
cf-ray
6accb934b86a0609-FRA
expires
Sun, 14 Nov 2021 02:12:53 GMT
b2
sb.scorecardresearch.com/ Frame 132F
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1636688264037&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-fr...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636688264037&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-f...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636688264037&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&c9=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
E-EteKAmfLAu6TtO2vWY4TmyfqFP6kAmBnwiX6ESmuxtSnt7g37n0w==

Redirect headers

date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1636688264037&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&c9=
content-length
276
x-amz-cf-id
qY7mwRdUi04VTDgeQpQ4q302lxFZOaL1rSwoYiKrQZxupDYPLlxIhw==
json
trc.taboola.com/disqus-widget-oann/trc/3/ Frame 132F 		35 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-oann/trc/3/json?tim=03%3A37%3A44.208&lti=deflated&data=%7B%22id%22%3A19%2C%22ii%22%3A%22%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1636554918446%2C%22vi%22%3A1636688264206%2C%22cv%22%3A%2220211110-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A777%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A777%2C%22dh%22%3A27%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A18%2C%22uim%22%3A%22thumbnails-b%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.oann.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22oann%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.oann.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22bottom%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22oann%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0aef66ae8beacbd1a45728d49fbb1ffd00e3a32df01b917e88ec3774f492203e

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
73
date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
server
nginx
x-timer
S1636688265.621707,VS0,VE73
x-served-by
cache-fra19166-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
settings
syndication.twitter.com/ Frame C3C3 		232 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.oann.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
105
date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 03:37:44 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
fdba8230757dc1ad4d70aaabb8a5a1377237a3bf93f0bd55217fc7cd7ad2b466
content-length
166
common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
c.disquscdn.com/next/recommendations/ Frame 8070 		262 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 21:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2096059
x-cache
Hit from cloudfront
content-length
88862
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 18 Oct 2021 21:05:37 GMT
server
nginx
etag
"616de1a1-15b1e"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 18 Oct 2022 21:23:25 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
C5mzjBXJVxJ54aRfLvnTBRva3WoaX6YVQRDgSA02sl6M5Th8SIxYcw==
x-cache-hits
0
details
disqus.com/api/3.0/forums/ Frame 2DCF 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=oann&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39c4e9e3a5714108a69e934ef49c8530fdc630018fb4eb109a45ea8b6f8dae8e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3191
X-XSS-Protection
1; mode=block
pbix.js
cdn.pixfuture.com/ Frame 3239 		423 KB
424 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39998
cf-polished
origSize=433266
cf-bgj
minify
last-modified
Mon, 23 Aug 2021 13:19:22 GMT
server
cloudflare
etag
W/"6123a05a-69c72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y4ZIpHGeufOJ%2Fdo1%2FJ4s%2BnNmIjpTlKbGVny9OfHuQdzim88LJO5UXNZxAJCalJaSoj8UIuYv6Ty7vU%2By7AZ4gv3SohlOCiJSs7oandZsSsIGJWa19GVdJ4xiO3heVD1maD%2B6Fu6Dw%2FV7mk3nftf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2678400, no-transform
cf-ray
6accb93689f60609-FRA
expires
Sat, 13 Nov 2021 16:31:05 GMT
r.js
aa.agkn.com/adscores/ Frame 3239 		0
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-154-132.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ Frame 3239 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=25449x300x250x4195x_ADSLOT3&keywords=&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
281f947111a733c6009b4fc8381e7d94ff15f0bb6a5f26ef5ebed934543ffae4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 14 Nov 2021 03:37:44 GMT
tfa-eid.20211110-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 132F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20211110-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfdc6f4b2e861359d96877f83a28684ba1033e8c87e432ef4334334fa20aac3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.k5bZU8RhKmZJm3HCVN23WkCbhWy_eFB
content-encoding
gzip
etag
"5545554b2172ae74e32c513b04e0d4c0"
age
57
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5060
x-amz-id-2
AMvsA6GOIbCWPE7e6GFc1ETtUiqwSsnI+4hkAgIYyIqnbFRxAAh0Y3hQrmpDEBIVtBfLXDXdZJk=
x-served-by
cache-fra19166-FRA
last-modified
Thu, 11 Nov 2021 16:06:37 GMT
server
AmazonS3
x-timer
S1636688265.737682,VS0,VE0
date
Fri, 12 Nov 2021 03:37:44 GMT
vary
Accept-Encoding
x-amz-request-id
0NNEW5FTT7HB9CQ5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
54
sha256.20211110-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 132F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20211110-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbb30c5c06dabed2796745f02af57ee71a6dcd45f89448107e24ceecc993313a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
qZTsipRDhjW.i4KmsNZ8LwD_z3pkqZPo
content-encoding
gzip
etag
"7b6fecbc6605169994e9b02bf5918b64"
age
18
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
WTJzVktL+mlft1Sbi5n8CdxDp7/rH8C/BNvni31ibr+ewU8OBklFSc2/8AOo+JMB2HqHqBGSsFY=
x-served-by
cache-fra19166-FRA
last-modified
Thu, 11 Nov 2021 16:07:00 GMT
server
AmazonS3
x-timer
S1636688265.737756,VS0,VE0
date
Fri, 12 Nov 2021 03:37:44 GMT
vary
Accept-Encoding
x-amz-request-id
PRH44Y0GWXYZG6MJ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
20
tb
15.taboola.com/ Frame 132F 		32 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=disqus-widget-oann&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.oann.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22bottom%22%2C%20%22shortname%22%3A%20%22oann%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&cirf=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&encoded=1&uid=a284015e-a03f-4bac-8837-21742109eac8-tuct8876708&variant=-100|1786174170&callback=TRC.videoTagCallbacks.videoCallback1&cb=1636688264362&tagid=&cntry=DE&platform=1&sesid=c24e64ef802d06edd16962458c17fb4e&itemid=/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe&viewid=1636688264206&geolat=&geoing=&deviceifa=&appid=&sd=v2_c24e64ef802d06edd16962458c17fb4e_a284015e-a03f-4bac-8837-21742109eac8-tuct8876708_1636688264_1636688264_CIi3jgYQi_FAGI7445HRLyABKAEwODib4wlAgooQSJ3d3ANQpewQWABgAGjtxY_Nk8uW5EJwAA&ri=9ff79bb1ab518fff96d3cda5c60fada5&appname=&cdb=&gdprApplies=true&rid=&sii=-621404849796129001&oee=true&tpubid=1063051&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a51d368f4b4535ae579968fd1310dc13ca006b5e0aaf43be65114030cce1a9e

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
access-control-allow-origin
https://www.oann.com
machineid
1418
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19166-FRA
pragma
no-cache
server
nginx
x-timer
S1636688265.766770,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20211110-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 132F 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20211110-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10f87e4a89b00cc660c5c2a5c6f5fe66dfd1acff76b974157a14153279561645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
81OMRycerNb31yEMeZLLmVu6tQFPovI1
content-encoding
gzip
etag
"72b41b692e2d824c0015d21f922e46c8"
age
32
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5339
x-amz-id-2
m5HTdcG36AxiuMIu9jM6gi1wqBdgG2wRHMa5jVdgsiAuU9OdwPDy/5DSZPr15cWEvcStWWpC6gM=
x-served-by
cache-fra19166-FRA
last-modified
Thu, 11 Nov 2021 16:06:26 GMT
server
AmazonS3
x-timer
S1636688265.766586,VS0,VE0
date
Fri, 12 Nov 2021 03:37:44 GMT
vary
Accept-Encoding
x-amz-request-id
5JVVENMPK8VBG1S1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
6
crum
dsum-sec.casalemedia.com/ Frame 6103 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=0c139b8f-e206-4a41-8b45-759e91db200a&expiration=1644637064
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:44 GMT
e013d7c7-6097-4689-af94-c794268630eb_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ Frame 132F 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/e013d7c7-6097-4689-af94-c794268630eb_1000x600.jpeg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
970dd3acc590a51d3e6a25f7fd7fed8f23a19fb0c9a6e7f47d82e02e1bca14c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
150090
edge-cache-tag
388019853265685661743378449646978477633,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
395
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/e013d7c7-6097-4689-af94-c794268630eb_1000x600.jpeg
content-length
8554
x-request-id
8b689723fcb74d2109743fd86f694614
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Wed, 10 Nov 2021 09:36:47 GMT
server
nginx
x-timer
S1636688265.783099,VS0,VE0
etag
"241dec7db124c75a4656a1eeb3523301"
x-served-by
cache-bwi5056-BWI, cache-dca12926-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
d1d63ed7f5f933de2d710453d9a272ff.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1d63ed7f5f933de2d710453d9a272ff.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec3d70e648d63289d1283547779064750d191f158d3c04d28d724a339573eb55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
4300617
edge-cache-tag
331011032900433315103558136325647667910,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
98
expiration
expiry-date="Mon, 18 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1d63ed7f5f933de2d710453d9a272ff.png
content-length
12674
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 17 Sep 2021 08:48:40 GMT
server
nginx
x-timer
S1636688265.783020,VS0,VE1
etag
"9bf9253ce54418dc1dc247182330d13b"
x-served-by
cache-wdc5569-WDC, cache-dca17730-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
7512fe6c86f076f28d0fb8c21b3c2203.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7512fe6c86f076f28d0fb8c21b3c2203.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ecd1f316ff37fc94ab8056f09acba90296150766dbfeacf42179937a5654ebbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
3076764
edge-cache-tag
516223263261527036422859970146487131552,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
80
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7512fe6c86f076f28d0fb8c21b3c2203.png
content-length
20774
x-request-id
7f4b617749b7ab5ffed3a10eb4f55d98
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 07 Oct 2021 10:43:49 GMT
server
nginx
x-timer
S1636688265.783351,VS0,VE0
etag
"d38ee8df68a593c11d1f4543b2fae7bb"
x-served-by
cache-wdc5571-WDC, cache-dca17753-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 7025
31554148f3876ed07da30347ff114f3d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31554148f3876ed07da30347ff114f3d.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ed1c3286a6ba3c0a33bc718523533985e5251a0be066b9662c4cecea592995b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
1854517
edge-cache-tag
366139508817972036194806022288568100961,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
60
expiration
expiry-date="Sun, 14 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31554148f3876ed07da30347ff114f3d.jpg
content-length
13606
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 14 Oct 2021 15:05:07 GMT
server
nginx
x-timer
S1636688265.783551,VS0,VE1
etag
"f9e09b10ed8bd314eeb76025494d2f16"
x-served-by
cache-wdc5579-WDC, cache-dca12929-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
2df7f782b1dfe1f0e3c9651ba4324b25.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2df7f782b1dfe1f0e3c9651ba4324b25.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a596350b901576cea15bc919726dd4a8bf883c34de0e87c82726f869bc52f47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish
age
3747501
edge-cache-tag
484462679557814109286748890360421740276,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
96
x-envoy-upstream-service-time
214
expiration
expiry-date="Fri, 01 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2df7f782b1dfe1f0e3c9651ba4324b25.jpg
content-length
6718
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 31 Aug 2021 09:17:44 GMT
server
nginx
x-timer
S1636688265.783799,VS0,VE0
etag
"a6bdd20a5ebf6b11dccae42a6505cb5b"
x-served-by
cache-wdc5548-WDC, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2
b38a6c54b37b6245c2741183d40e6b3b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b38a6c54b37b6245c2741183d40e6b3b.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
162523b35a7ab39f1e12b85b48dc5dc53d51b867c4ac7490a6e1851f72f59b61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
1224966
edge-cache-tag
548326101841219537467387756674379334140,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
54
expiration
expiry-date="Fri, 05 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b38a6c54b37b6245c2741183d40e6b3b.png
content-length
8544
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 05 Oct 2021 14:38:58 GMT
server
nginx
x-timer
S1636688265.784347,VS0,VE1
etag
"9dd11341fb4cc30e8aa7b2e985c0a87a"
x-served-by
cache-wdc5557-WDC, cache-dca17725-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
c18f7191af44f0d1b7b2fb8add0d9094.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c18f7191af44f0d1b7b2fb8add0d9094.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b4c01757303b6567b8c984b5667c981225ea2d78b186759d3a70fce56fda6a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
1350213
edge-cache-tag
613307842317614204465584172163163049098,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
84
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c18f7191af44f0d1b7b2fb8add0d9094.jpg
content-length
9950
x-request-id
af23dfb3522d19f718d08d57607a4ec9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sun, 10 Oct 2021 21:22:55 GMT
server
nginx
x-timer
S1636688265.793476,VS0,VE0
etag
"9e0e0e11cb36be3c6c13c04cbe7dfd8e"
x-served-by
cache-wdc5582-WDC, cache-dca17737-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 5
272b240b721a578d6563283883f8dedc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/272b240b721a578d6563283883f8dedc.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
78539656ca15b12695cce6f6f08950ce1062fa79d34dd584cdb06e204835c98f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
229703
edge-cache-tag
367583411591340618196530698344963422499,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
580
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/272b240b721a578d6563283883f8dedc.jpg
content-length
3756
x-request-id
793121ff2f1c5670873139d8ca058f93
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 02 Nov 2021 14:54:39 GMT
server
nginx
x-timer
S1636688265.793549,VS0,VE0
etag
"5e51fbfdc29c5976fb6027282f8cc0ec"
x-served-by
cache-wdc5549-WDC, cache-dca17757-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
tbp
15.taboola.com/ Frame 132F 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bdbbe5e9f87c0197dac7dccdb9272f91fbc97f81ed24bdfe21ef0071708d1941

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
access-control-allow-origin
https://www.oann.com
machineid
1418
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19166-FRA
pragma
no-cache
server
nginx
x-timer
S1636688265.785167,VS0,VE26
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
926920b5793853b247a3f9af35fb90b852a2d96b13998d9f548e61e320f891fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
3169250
edge-cache-tag
501898018763052567145069362010418137997,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
98
expiration
expiry-date="Sun, 24 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
content-length
30188
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Thu, 23 Sep 2021 07:38:03 GMT
server
nginx
x-timer
S1636688265.793817,VS0,VE0
etag
"61abc1a7e9d1bb6497bfbc0a26f8b9e5"
x-served-by
cache-wdc5573-WDC, cache-dca12929-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
289b962a3c0249e6c9c2b82b51ed694b.jpg
images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1111,y_554/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1111,y_554/http%3A//cdn.taboola.com/libtrc/static/thumbnails/289b962a3c0249e6c9c2b82b51ed694b.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4fdfc2bd71909fabfa4c79a8a6a38cc8b84c701490a598bafe53c4009746e9ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
3598162
edge-cache-tag
514190551595935143718827872641545762763,468725963521692602874378784851680012784,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
38
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_1111,y_554/http%3A//cdn.taboola.com/libtrc/static/thumbnails/289b962a3c0249e6c9c2b82b51ed694b.jpg
content-length
8400
x-request-id
902bb912857b1ecc08d76ae93ab98ad8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 01 Oct 2021 12:08:06 GMT
server
nginx
x-timer
S1636688265.793864,VS0,VE1
etag
"ae742c4c20ad143ae74effd51e123665"
x-served-by
cache-wdc5543-WDC, cache-dca17731-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
ecda2c63093408efdece2de5aec98de0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ecda2c63093408efdece2de5aec98de0.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4037ad36db89a971610367dabb16099abf41eb1d29146c2e350e346279426923

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
727181
edge-cache-tag
347812986972813126809161140340844210292,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
475
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ecda2c63093408efdece2de5aec98de0.jpg
content-length
6150
x-request-id
e507f484e560ada3fd0fa249462ccf95
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 28 Oct 2021 12:23:47 GMT
server
nginx
x-timer
S1636688265.793914,VS0,VE0
etag
"a98ca0bd91145fb4f13120414470d548"
x-served-by
cache-wdc5526-WDC, cache-dca12926-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6
2a98ecfb174a90dc90e0d12bf5b751c0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ecfb174a90dc90e0d12bf5b751c0.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c279d80304face4fdc120ac0dae45285ed8732be51bdeabf3338779f12e0a59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
3763495
edge-cache-tag
551211590532241058447420833132280006197,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
35
expiration
expiry-date="Sun, 03 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a98ecfb174a90dc90e0d12bf5b751c0.jpg
content-length
10518
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 02 Sep 2021 04:52:13 GMT
server
nginx
x-timer
S1636688265.795346,VS0,VE1
etag
"0812dd9cf9567f6070676e82ded8577a"
x-served-by
cache-wdc5572-WDC, cache-dca17756-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
ead771919ad4d7507c3c43ef56d0c0d5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ead771919ad4d7507c3c43ef56d0c0d5.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6e82757514589c6f362b3644143fcede1594f85e1afbf3451800478002138e97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
122923
edge-cache-tag
412548471493062595842645205571749517473,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
331
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ead771919ad4d7507c3c43ef56d0c0d5.jpg
content-length
9274
x-request-id
9a85a42ac5fc7d2cfd6321b5f1bcc8aa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 01 Nov 2021 11:33:09 GMT
server
nginx
x-timer
S1636688265.804286,VS0,VE1
etag
"4d8c536deb0841e162f30aca5b95ff7b"
x-served-by
cache-bwi5039-BWI, cache-dca17780-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
04e4d3c238da5d1aa5404c56a4af7253.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04e4d3c238da5d1aa5404c56a4af7253.jpeg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7c5c35f7746ceb139d99b6117625878ecbeeedffcdbb51022ae7072c87619b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
4229660
edge-cache-tag
338824688308577468232893320004380511371,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
31
expiration
expiry-date="Tue, 12 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04e4d3c238da5d1aa5404c56a4af7253.jpeg
content-length
5800
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sat, 11 Sep 2021 09:49:51 GMT
server
nginx
x-timer
S1636688265.804349,VS0,VE1
etag
"917f959ebf99e3cafe0d7abe5b9f82dc"
x-served-by
cache-wdc5557-WDC, cache-dca17783-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
8edb390c49a08569d13f645857e12e2d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8edb390c49a08569d13f645857e12e2d.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c9d8377d09d9654db42ea9df09415c65c5737cbedd4d7b3d985aa05e7243e126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
335545
edge-cache-tag
557827908015251601765602148113079326189,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
390
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8edb390c49a08569d13f645857e12e2d.png
content-length
8052
x-request-id
a31c8bd598d207efebbd315589fada63
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 05 Nov 2021 14:47:48 GMT
server
nginx
x-timer
S1636688265.804527,VS0,VE1
etag
"9dd5da09b783ec208267a721fb730737"
x-served-by
cache-wdc5546-WDC, cache-dca12925-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
1f9e29710eb775552cf32d21ff8ec73a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f9e29710eb775552cf32d21ff8ec73a.jpeg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16891285b266a3bff718eb9a69c310494b54fc1c0a09634be8eb1644d9d7620e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
2486081
edge-cache-tag
528708700009823532085126604379828476207,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
774
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f9e29710eb775552cf32d21ff8ec73a.jpeg
content-length
6830
x-request-id
349d183cb006d83a5111bde5210a47da
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 13 Oct 2021 11:48:14 GMT
server
nginx
x-timer
S1636688265.804573,VS0,VE1
etag
"5a5134ff15cdbb11315be0ace4d9a9e3"
x-served-by
cache-wdc5558-WDC, cache-dca17743-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
tbp
15.taboola.com/ Frame 132F 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
54128f43fe22cfade00cfdfc5f1edb418ff90e52d482bd33f6299b3af907f42d

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
access-control-allow-origin
https://www.oann.com
machineid
1430
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19166-FRA
pragma
no-cache
server
nginx
x-timer
S1636688265.792195,VS0,VE22
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
5e43de85e66e491de5f9be50927ee166.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e43de85e66e491de5f9be50927ee166.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
432a267b5e20a714faba62a8bb5d8dc1418720c3bb3f30cbcc4de99e4da3d30c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
646164
edge-cache-tag
455891600362132420660955424826514940961,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
850
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e43de85e66e491de5f9be50927ee166.png
content-length
20840
x-request-id
91ab94d2d50f24c339759f901852f075
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 04 Nov 2021 14:10:17 GMT
server
nginx
x-timer
S1636688265.804620,VS0,VE1
etag
"7c875edd65cd4c12885189d0adcd894e"
x-served-by
cache-wdc5566-WDC, cache-dca17766-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
1144140789__Ngkc1Ckq.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 132F 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1144140789__Ngkc1Ckq.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79b780ca7eda8c4620e1ff9152c08980cf1ae11a214984ffe0e678e9e697e684

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 varnish, 1.1 varnish
age
1541297
edge-cache-tag
307838282797165809386944034859647990542,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
571
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1144140789__Ngkc1Ckq.jpg
content-length
6456
x-request-id
68e14dc22696d879d3b35f3f58deda01
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sun, 24 Oct 2021 09:28:54 GMT
server
nginx
x-timer
S1636688265.804710,VS0,VE0
etag
"884a7c00a783bde252c9cdd6f328b568"
x-served-by
cache-wdc5541-WDC, cache-dca17767-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.5.2/ Frame 132F 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.5.2/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
890aefc340c1b2efe49d71cad4618a6c13ac793d2ce7e4d51d301c96393836c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:44 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
1103691
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28307
x-served-by
cache-fra19166-FRA
last-modified
Sat, 30 Oct 2021 09:02:06 GMT
server
AmazonS3
x-timer
S1636688265.818678,VS0,VE0
etag
"e5d90598697be1a7577dea026b23fc11"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
GmPAPfww_d7lWrNQ-0n9n1R7wrSVq9QdtVkWP9Gc3VaGQK9ddxyE5A==
x-cache-hits
114874
recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame 8070 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 21:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2096059
x-cache
Hit from cloudfront
content-length
2978
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 18 Oct 2021 21:05:37 GMT
server
nginx
etag
"616de1a1-ba2"
content-type
text/css; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 18 Oct 2022 21:23:25 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
E6RrL4QtAaYfIBcIAEc3fiY0eNZie3LV6DN9SyR6JLmVhX4K-vvTxA==
x-cache-hits
0
css2
fonts.googleapis.com/ Frame 2DCF 		8 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2203ba5dbc62526475f18514711d21ee4dd08d411feb7fcdfc2f20184c8ff2e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 03:37:44 GMT
server
ESF
date
Fri, 12 Nov 2021 03:37:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Nov 2021 03:37:44 GMT
loadReactions
disqus.com/api/3.0/threadReactions/ Frame 2DCF 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/threadReactions/loadReactions?thread=8875651269&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51cc0d749aebcaec5b799a00addf02b6850608c3bf5a5146ed58b6debcb5ecd1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
63
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=30, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
1339
X-XSS-Protection
1; mode=block
avatar92.jpg
c.disquscdn.com/uploads/forums/446/8287/ Frame 2DCF 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/uploads/forums/446/8287/avatar92.jpg?1470335425
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1e765599e57a6f2aa2cbc16cd2a53d620e4be033ddf93f0ba3ce5adbf037dd20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:36:15 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3690088
x-cache
Hit from cloudfront
content-length
3591
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Thu, 04 Aug 2016 18:30:26 GMT
server
nginx
etag
"05de1ed06d6441c135cb8319b9b39873"
content-type
image/jpeg
expires
Fri, 30 Sep 2022 10:36:15 GMT
cache-control
max-age=31536000, public, immutable
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
lK9DDDbF_7eaRsb8AwoItK6iiTAe7xjSzGBdsvK9jb3vamkttwWFWg==
x-cache-hits
0
truncated
/ Frame 2DCF 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2DCF 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
17067603
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gFzkqB8Dg7HRq6Z7BiCwEuKtPwjlY4He3RCwVzo-SQWS08agDgFV_Q==
x-cache-hits
0
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 2DCF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 04:58:07 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
24359977
x-cache
Hit from cloudfront
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 27 Jan 2021 17:23:07 GMT
server
nginx
etag
"6011a17b-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 03 Feb 2022 04:58:07 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hLkHeBX9pvZiWbPIM6aKb-TmUasT30uAvO5subDXNiftuUuq7PswBw==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 2DCF 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 09:58:18 GMT
via
1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
6197966
x-cache
Hit from cloudfront
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 24 Aug 2021 21:06:44 GMT
server
nginx
etag
"61255f64-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Thu, 01 Sep 2022 09:58:18 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
m2nrAiqpZoHwdmyixy-VLiCJOY6Gtp3Ni7dzj3UMPk4Rs0lIzeSyhg==
x-cache-hits
0
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ Frame 132F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront), 1.1 varnish
age
2554147
x-amz-meta-mtime
1580720676
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-fra19166-FRA
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1636688265.009361,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
Sk-dQ-vXqlkymfouDYO0ROLJleZN_EmWEBrNrUZpeGf8tabSmNbJwg==
x-cache-hits
444385
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.oann.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1514
date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3239
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=LB9jC3xFVXFzd2MxVjNMaTZTWkh6b1BiRnBISS91cGZyTU9MZVQ1N1VIVDFtZDVicTRZeHY1SEYxNllaZXdua1d1dktuQkVtQUFucGdZbFIzYTJtOUZ1UU9LSDN4UXlCQ2xpQVZWaDl2by9nK0VCSDBaYUFyaDBPOFpveH...
352 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LB9jC3xFVXFzd2MxVjNMaTZTWkh6b1BiRnBISS91cGZyTU9MZVQ1N1VIVDFtZDVicTRZeHY1SEYxNllaZXdua1d1dktuQkVtQUFucGdZbFIzYTJtOUZ1UU9LSDN4UXlCQ2xpQVZWaDl2by9nK0VCSDBaYUFyaDBPOFpveHpTeGVZVTVzeHdLTVF2bU1YajBUVUI5RkQ1OVpITm5OUFFsbktCcjZ1ZFF5ZW9IMDh2YTBNYmlvUExoWlNYZTB5ZWdOTWcwbjQzVysxOXhpSUVsL1hDbm5IZ3JIc3htUVhjUzFiTzNmVGhSU2R6a0NQZlJjPXw&cppv=2
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
139822e4b0e1237d59693b8d48f726883bf1de2d1aef5e5cbb47feafc03577a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 12 Nov 2021 03:37:45 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2165
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Nov 2021 03:37:44 GMT
location
https://mug.criteo.com/sid?cpp=LB9jC3xFVXFzd2MxVjNMaTZTWkh6b1BiRnBISS91cGZyTU9MZVQ1N1VIVDFtZDVicTRZeHY1SEYxNllaZXdua1d1dktuQkVtQUFucGdZbFIzYTJtOUZ1UU9LSDN4UXlCQ2xpQVZWaDl2by9nK0VCSDBaYUFyaDBPOFpveHpTeGVZVTVzeHdLTVF2bU1YajBUVUI5RkQ1OVpITm5OUFFsbktCcjZ1ZFF5ZW9IMDh2YTBNYmlvUExoWlNYZTB5ZWdOTWcwbjQzVysxOXhpSUVsL1hDbm5IZ3JIc3htUVhjUzFiTzNmVGhSU2R6a0NQZlJjPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1934
content-length
482
expires
0
529.json
id5-sync.com/g/v2/ Frame 3239 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
e03658321fdfd30bcaa04ac2e4847d993cd8abcb14550362f97580853b436b0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:36:37 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 3239 		0
0
rid
match.adsrvr.org/track/ Frame 3239 		108 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8608511f76a65e92cda9d88b8f90dc46a4310d60af3e19d810e9982ba86a1580

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 12 Dec 2021 03:37:45 GMT
seg
secure.adnxs.com/ Frame 3239 		0
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cc1c5b8f-4dbe-4c79-a905-39d21124a460
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ Frame 8070 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 20:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2704322
x-cache
Hit from cloudfront
content-length
20244
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 11 Oct 2021 20:15:56 GMT
server
nginx
etag
"61649b7c-4f14"
content-type
application/javascript; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Tue, 11 Oct 2022 20:25:43 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
1_96oDp1fL1Nbjsu2WEApH91tEc1zA6rwpYMOPn-tknKHPNKM1FYQg==
x-cache-hits
0
config.js
disqus.com/next/ Frame 8070 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6572640d21e523ae2e62df79b201ef4956696631333f0edf0a042e9dee698b2e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/recommendations/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
27
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
13683
X-XSS-Protection
1; mode=block
XRXW3I6Li01BKofA6sKUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 2DCF 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 03:36:26 GMT
x-content-type-options
nosniff
age
86479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19248
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 03:36:26 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 2DCF 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:32:05 GMT
x-content-type-options
nosniff
age
252340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Nov 2022 05:32:05 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 2DCF 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:29:55 GMT
x-content-type-options
nosniff
age
137270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 13:29:55 GMT
XRXQ3I6Li01BKofIMN44Y9vKUT8.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 2DCF 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXQ3I6Li01BKofIMN44Y9vKUT8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f188be3dcb944ab17761f8d70348dd1aaf1b0cdc1737d16f0651013d1a37975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:32:26 GMT
x-content-type-options
nosniff
age
252319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20192
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Nov 2022 05:32:26 GMT
XRXX3I6Li01BKofIMNaDRs4.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 2DCF 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXX3I6Li01BKofIMNaDRs4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc216fee39c00f17a733e086d08aadf680e01adff58039b50acc53dda3ac5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 07:13:42 GMT
x-content-type-options
nosniff
age
591843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20000
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 07:13:42 GMT
horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:52 GMT
Server
ECS (frb/67A7)
Age
187308
Etag
"8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2438
event.gif
referrer.disqus.com/juggler/ Frame 2DCF 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=600&event=init_embed&thread=8875651269&forum=oann&forum_id=4468287&imp=65ug7plqaf8nl&thread_slug=federal_court_orders_bidens_doj_to_stop_extracting_data_from_phones_of_project_veritas_founder_james&user_type=anon&referrer=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=false
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
upvote-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2DCF 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/upvote-512x512.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:33:35 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
250
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8170
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 10 Nov 2021 23:08:20 GMT
server
nginx
etag
"618c50e4-1fea"
content-type
image/png
access-control-allow-origin
*
expires
Fri, 12 Nov 2021 03:38:11 GMT
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
dMBa3b63v5b7QkFlmQXMB0JmbEfw5X95lPvVW5eMo1GkJrdlHeJokA==
x-cache-hits
0
funny-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2DCF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/funny-512x512.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:36:56 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
49
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8883
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Wed, 10 Nov 2021 23:08:20 GMT
server
nginx
etag
"618c50e4-22b3"
content-type
image/png
access-control-allow-origin
*
expires
Fri, 12 Nov 2021 03:41:56 GMT
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EvFBI6dUOG0Mb5Whlm6zLUKAk1dnxgX0C1040JS8VBC9qs5auJMe6Q==
x-cache-hits
0
love-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2DCF 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/love-512x512.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:33:35 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
250
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
11910
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Wed, 10 Nov 2021 23:08:20 GMT
server
nginx
etag
"618c50e4-2e86"
content-type
image/png
access-control-allow-origin
*
expires
Fri, 12 Nov 2021 03:38:34 GMT
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BigAcjpjyFYKTbjk_UY2tTy39jU4SSzppOM_WgA1yyBrf_4aWyPpRg==
x-cache-hits
0
surprised-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2DCF 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/surprised-512x512.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:36:24 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
100
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7308
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 10 Nov 2021 23:08:20 GMT
server
nginx
etag
"618c50e4-1c8c"
content-type
image/png
access-control-allow-origin
*
expires
Fri, 12 Nov 2021 03:41:05 GMT
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
NVBbFwTmKaIFU12UFXBW39ZBKDubpN_C2oQ407IWFvgKmoIhva1loA==
x-cache-hits
0
angry-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2DCF 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/angry-512x512.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:34:48 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
227
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20675
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Wed, 10 Nov 2021 23:08:20 GMT
server
nginx
etag
"618c50e4-50c3"
content-type
image/png
access-control-allow-origin
*
expires
Fri, 12 Nov 2021 03:38:58 GMT
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
MF-NGzgQCAMqENj3UJ4bvZgLjImP7bTzjkxw7qW752hBMGLMk3tUMA==
x-cache-hits
0
sad-512x512.png
c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/ Frame 2DCF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/current/publisher-admin/assets/img/emoji/sad-512x512.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:06 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
107
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
8986
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Wed, 10 Nov 2021 23:08:20 GMT
server
nginx
etag
"618c50e4-231a"
content-type
image/png
access-control-allow-origin
*
expires
Fri, 12 Nov 2021 03:40:58 GMT
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
NMnRHmo2PSl4MU5w2FiLgekdtl2EH_Q5ebRN2w6PFer1BpXSmVk20A==
x-cache-hits
0
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame D6C2 		337 B
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 19:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808356
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 02 Nov 2021 18:16:01 GMT
server
nginx
etag
"61818061-f4"
content-type
text/css; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Wed, 02 Nov 2022 19:05:09 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
VTRwLqiBOYIZ_U6gtZhyorreI7am8Z2stgbOGpE_X6U_M97NPF0Zbw==
x-cache-hits
0
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame DF4A 		337 B
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 19:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808356
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Tue, 02 Nov 2021 18:16:01 GMT
server
nginx
etag
"61818061-f4"
content-type
text/css; charset=utf-8
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
expires
Wed, 02 Nov 2022 19:05:09 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
sf7rtXlcj3ryTJmyNlQ3VWmE_EXsg15EWUSXUHHlRaYN5hsy6-ywSA==
x-cache-hits
0
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 2DCF 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
17067604
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
n4URhkzwZLXzUM72OJtjNC4rl8MmeVlE2M-5A0EunYoNAoULuqYrJQ==
x-cache-hits
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LB9jC3xFVXFzd2MxVjNMaTZTWkh6b1BiRnBISS91cGZyTU9MZVQ1N1VIVDFtZDVicTRZeHY1SEYxNllaZXdua1d1dktuQkVtQUFucGdZbFIzYTJtOUZ1UU9LSDN4UXlCQ2xpQVZWaDl2by9nK0VCSDBaYUFyaDBPOFpveHpTeGVZVTVzeHdLTVF2bU1YajBUVUI5RkQ1OVpITm5OUFFsbktCcjZ1ZFF5ZW9IMDh2YTBNYmlvUExoWlNYZTB5ZWdOTWcwbjQzVysxOXhpSUVsL1hDbm5IZ3JIc3htUVhjUzFiTzNmVGhSU2R6a0NQZlJjPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
912
date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
gzip
vary
Accept-Encoding
pub5644548548544
s.adx.opera.com/ortb/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.adx.opera.com/ortb/v2/pub5644548548544?ep=ep5644764124224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 12 Nov 2021 03:37:45 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.oann.com
access-control-max-age
604800
content-encoding
gzip
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_5.9.0-pre
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:45 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
19831771
age
0
via
1.1 varnish
cookie_sync
prebidserver.pixfuture.com/ Frame 3239 		373 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.94.128 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7b3e6aa198b3a8e48f7496e05c31718b21c7e31896b80d2a33b508623fa8ecda

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:45 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
373
Expires
0
auction
prebidserver.pixfuture.com/openrtb2/ Frame 3239 		159 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.94.128 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dea787fa2e8aa2e14e3e7b4a165efcac57c45bd84ed28ae8dba9aecd36f69bc7

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:45 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
159
Expires
0
arj
pixfuture2-d.openx.net/w/1.0/ Frame 3239 		172 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a6e547c8-ee3b-407b-9fb3-ff1594b334ab&nocache=1636688264822&pubcid=aad7b0e3-a10e-4df7-ad25-b4d27f46934b&schain=1.0%2C1!pixfuture.com%2C4195%2C1%2C%2C%2C&aus=300x250&divids=25449x300x250x4195x_ADSLOT3&aucs=&auid=540580840&tps=bXlrZXl3b3JkPSZteW90aGVya2V5d29yZD0%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
262e6b45416f835d1aec802b8067d0aed802755980a4ca681b4797d7546da2af

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.oann.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
pub5644548548544
s.adx.opera.com/ortb/v2/ Frame 3239 		483 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.adx.opera.com/ortb/v2/pub5644548548544?ep=ep5644764124224
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8b3922fd96f223ef4f5d679419e6091c578c064cb55ab411455bf9d408f4c15c

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
server
Tengine
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
content-length
347
trinity.json
apex.go.sonobi.com/ Frame 3239 		94 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22889c49600c2ed3%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&s=0d7888b8-3235-4d4f-83a5-5e75010d5430&pv=ca3a70f9-a81a-4715-8282-df050c5eff5a&vp=mobile&lib_name=prebid&lib_v=5.9.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224195%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
ba39154bd7149e8299feada594c3dd79d015f723666eab8914be71527d698ec6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ Frame 3239 		65 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
38e1bf8b6674d1c70125bd849347eb61009d66b5d347151e5f34ec9f5bd0f59a

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ Frame 3239 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
8270406
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
/
hb.emxdgt.com/ Frame 3239 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1636688264827&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 12 Nov 2021 03:37:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3239 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=377492&zone_id=2082582&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4195,1,,,&rf=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&tk_flint=pbjs_lite_v5.9.0-pre&x_source.tid=a6e547c8-ee3b-407b-9fb3-ff1594b334ab&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7666849604952477
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e0b9d0cc1376193e1d78446be128eb5144880d5b261915637ac790c876f23f2b

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 3239 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:44 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b14%3b72
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ Frame 3239 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b29%3b116
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
bid
ap.lijit.com/rtb/ Frame 3239 		94 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
1b91dc3d5f6d07d1933b317d9438a9986c835f6a1e7b08353431985339a14b50

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
prebid.media.net/rtb/ Frame 3239 		1 KB
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0835e007437d5ddb873d5d886cebf2889e941fcd6f35448ea7eb8d1135226320

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
translator
hbopenbid.pubmatic.com/ Frame 3239 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 12 Nov 2021 03:37:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/ Frame 3239 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
55cef1e7c3d6b5e16e101f3e5d948830aba8dff4a055eacbf02049b94dd8123b

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 Nov 2021 03:37:44 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
1129
prebid
ib.adnxs.com/ut/v3/ Frame 3239 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f1135dafbb1912c95202ea1cd2394738b62dfbbb4d8ca24697c143e6008b05ce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9065c9a0-e0ce-4d8a-bc63-ff5adae93366
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/236374/0/ Frame 3239 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/236374/0/mvo?z=1r&hbv=5.9.0-pre,2.1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
event.gif
referrer.disqus.com/juggler/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=65ug7plqaf8nl&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=oann&zone=thread&version=54ad8400991b5238623186955f09564c&page_url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=4468287
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 3239 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUNlTOmaj6isqjfhbXPaTJZhcMSldKcR3JE6qWdVgRB7nrt0FcNKUQy-gHXEF5y3Pn3DUjeDFzKFsZlDPF5PMFVCazxvsZx4u86uugSl9AdAJBxqRERCVSuqpcJt4IhcmFDYelfekDBuX_oSW8ryAgHK-8X2yttOdyczkOe9xcOwqDrxNA43vhqHq6Vrz3Psj8_LUkgzhQSZjABtbZ0ZtZET0qESVEa0Vo8srGxiaUQCtPLq9qOduHAyDGYJx9PixGMw3KPzcRuHvG7WuuX7pJZ7cfFvA0PnOC6f206PUosXJwOZZWgCQHpD2X6A4ImA&sai=AMfl-YS9EOcJ8ZUIYOI9ZTOlKIAPthp6dTI6fOdBlhQiPHBo78szP76PxLDcwg1lMea3fPQyFJaXJ8hQlrKYFmUD0P3aewktTMikLsZOYWNAtX04CBn7PBA1LTRoTSmonsI&sig=Cg0ArKJSzGVWOfIa7cpMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Nov 2021 03:37:45 GMT
st
imprammp.taboola.com/ Frame 1B0D 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=DC5A89F54276567556757653211&cicmp=1337627&cijs=1&dast=V79s0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHMRhLYjLGWs02c1Ws91qtVrMhovJarmbDJcwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbQgMRNPp8Lnu9brf76532O12jd_tl7lMLsvD7Nb4XZfTW285uSyft8Rpctk9b5Hf6hb93ZrT3_BWGU-Xh8f0tPvcIofp4ZZZ_m634Oi3uzxvvc0tuPytLo_pLXtZnqaH5y3zu-4ml-Utdbhdnrfe63LZXH45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAQHEovMVl-ZxOfsvNHwAADwogAAACGCEABUYWIgAAAAAjAAAAACQAAomFJQAOd4smAAABfRI4_j4nAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAfQ3_dTHyzPbXVRAWWRYwAAAAAto7tlI4mdUJlUfX___9vBXAFABDQJ4Hjj5Z1c1LMGgYAABAwtkAPi99vdtg1frfL_v_________N_s8A0IR6uFLSgkii2NV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAACa9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Arka4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQpWjSYrEajyWIyXI0mq9lysdttkKJVq9loMxiuZpPZbrcaDobL0QgnbDFaTSab5XC2XEwGw9FwNBriQdW5dD6vzseGXMwVy-VcsRjOdaNVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636688265.334142,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/30_3_6003/infra/ 		604 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6003/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
90b62f0ed726b758ae26bc50483ca39c9a5dd7f4e49d7114da4cf1c793ba3517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish
age
911212
x-amz-meta-mtime
1635768622
x-cache
HIT
x-amz-meta-ctime
1635768623
x-amz-meta-mode
33188
content-encoding
br
content-length
114667
x-amz-id-2
lOGXhs+U0MnH4IFMcCifm7OeFQ3QDbTRHc54GBR0m1bmG6GoAuYPmIMiPKMZpwi8Qa0fU9/Nl+U=
x-served-by
cache-fra19166-FRA
accept-ranges
bytes
last-modified
Mon, 01 Nov 2021 12:10:24 GMT
server
AmazonS3-br
x-timer
S1636688265.334074,VS0,VE0
etag
"8f1ffd938f13d8e24f2ee515678c152d"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
73M7KNQBPS5XHSTV
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
213127
cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6003/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/30_3_6003/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
33f61e1b1da141e3e09aea8f1ec365a3e82eaf521c651746acbbae4d0f273ec7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish
age
911212
x-amz-meta-mtime
1635768632
x-cache
HIT
x-amz-meta-ctime
1635768633
x-amz-meta-mode
33188
content-encoding
br
content-length
8006
x-amz-id-2
mavL/em732LREBUNukF00FMvB2jA9vF837GDIy4obKTFrOBgKsApWDphwuFUI5vq9TD2FKzqQ3A=
x-served-by
cache-fra19166-FRA
accept-ranges
bytes
last-modified
Mon, 01 Nov 2021 12:10:34 GMT
server
AmazonS3-br
x-timer
S1636688265.334301,VS0,VE0
etag
"a329807a26d839d25128be31967136af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
73M74BH8D7JPMF5X
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
203748
st
imprammp.taboola.com/ Frame 166B 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=058D7DAB577273184651956307&cicmp=1337627&cijs=1&dast=V7Se8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGrAajngjBoW12012m8VwM1mMVsvVYDFawsQsFovRcLUajTWLxWI0ma2GUzDYwud0d7chMBBNp8Pnutfrfr-73mG32zV-t1_mMrksD7Nb43ddTm-95eSyfN4Sp8ll97xFfqtb9HdrTn_DW2U8XR4e09Puc4scpodbZvm73YKj3-7yvPU2t-Dyt7o8prfsZXmaHp63zO-6m1yWt9Thdnneeq_LZXP55QAAAADwAEDUEg2x49vQHgEAAAAgwTNyrUARUPFvIXABAAAAgAFAIBauAQDFofAWl-VzOvktN38AADwogAAACGCEABQYWYgAAAAAjAAAAACQAAgkFpYAONwtmgAABPRJ4Pj7nAAAABzUyTxts_z____HAOS9N8kAUKRt3Bj0ADz4ADwIAQAAfAylSa2VFIcTZREVKBYxAgAAANg6tlM6mtQJlUXV____vxXAFQBAQJ8Ejr9Z1s1JMWsYAABAwNgCPSx-v9lh1_jdLvv_________N_s_A0AT6uFKSQsiiWJX4xm5Vlj7BQQAYHs3AIA3AbiYA7ADAAAAuPv____PAwAAaNqjZHutxrNHWe8z2MLndHfXb8IWo9VkslkOZ8vFZDAcDUej_QnkaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiAdV59L5vDofG3IxVyyXc8ViONeNVgkAAAAAAAAAYAlT5k0AAAAAToOYzSa73Yobb_ZMEGu1WtYAAAAA3LqRAw!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636688265.336320,VS0,VE9
content-length
0
Tweet.html
platform.twitter.com/embed/ Frame C1E4 		487 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
f29d04ee0f5958ea024817ae15ffbd3e6f15dfd6c741c1927a6d8c7b3fbd3e38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1238
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Nov 2021 03:37:45 GMT
Etag
"0d775af1199c0cba0c3ebd7b7695a614"
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
details
disqus.com/api/3.0/forums/ Frame 8070 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=oann&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39c4e9e3a5714108a69e934ef49c8530fdc630018fb4eb109a45ea8b6f8dae8e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/recommendations/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
1
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3191
X-XSS-Protection
1; mode=block
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6003/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
733680
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-fra19166-FRA
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1636688265.455431,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
hYmlhwUcMuy_jY0bhHen0eQYADyDybzLMR7x7dl3LWMvtY6DtLOx0A==
x-cache-hits
122346
embed.runtime.5b28e1eb2ce7e3cfb96b.js
platform.twitter.com/embed/ Frame C1E4 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
1e19cd0114d128362c000a6cc35cd95bc20b8bfd78a637f3cc90a66b86319eca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/669E)
Age
187307
Etag
"476ababff9c8feb955f7f5de12354111+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3522
embed.modules.66e311263622456867b1.js
platform.twitter.com/embed/ Frame C1E4 		519 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67E0)
Age
187307
Etag
"d2a7d4d81994376470f2560f453ad37b+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
166772
embed.i18n.c052951fae9a0c2b4020.js
platform.twitter.com/embed/ Frame C1E4 		146 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6738)
Age
187308
Etag
"ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.49c57014066d30bb9bc6.js
platform.twitter.com/embed/ Frame C1E4 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.49c57014066d30bb9bc6.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
fb603fb9eb626a56cef3f9d4f148dc6b6501d7408b5a35f475459e9099234be9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/668D)
Age
187308
Etag
"86e18509fea9178472462b9eb6b8ff68+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5739
css2
fonts.googleapis.com/ Frame 8070 		8 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2203ba5dbc62526475f18514711d21ee4dd08d411feb7fcdfc2f20184c8ff2e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Nov 2021 03:37:45 GMT
server
ESF
date
Fri, 12 Nov 2021 03:37:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Nov 2021 03:37:45 GMT
listRecommendations.json
disqus.com/api/3.0/discovery/ Frame 8070 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=oann&thread=ident%3A2578519+https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07da2935c92c8a4a6a27193384d954a4438c92581d2ca37f12cc05201dba955c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disqus.com/recommendations/?base=default&f=oann&t_i=2578519%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2578519&t_u=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&t_e=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_d=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe&t_t=Federal%20court%20orders%20Biden%E2%80%99s%20DOJ%20to%20stop%20extracting%20data%20from%20phones%20of%20Project%20Veritas%20founder%20James%20O%E2%80%99Keefe
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
1248
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control
stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin
Content-Length
6669
X-XSS-Protection
1; mode=block
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6003/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
age
1576114
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19166-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1636688266.556274,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
5puIF1VtGsg5AgLD-YhuubmNu7Q6UPt-NFh936bEWE39Q7_EvHV1Mw==
x-cache-hits
1296578
5e43de85e66e491de5f9be50927ee166.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		0
0
5e43de85e66e491de5f9be50927ee166.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e43de85e66e491de5f9be50927ee166.png
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6003/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
432a267b5e20a714faba62a8bb5d8dc1418720c3bb3f30cbcc4de99e4da3d30c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish, 1.1 varnish
age
646165
edge-cache-tag
455891600362132420660955424826514940961,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
850
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e43de85e66e491de5f9be50927ee166.png
content-length
20840
x-request-id
91ab94d2d50f24c339759f901852f075
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 04 Nov 2021 14:10:17 GMT
server
nginx
x-timer
S1636688266.594054,VS0,VE0
etag
"7c875edd65cd4c12885189d0adcd894e"
x-served-by
cache-wdc5566-WDC, cache-dca17766-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		0
0
34ae3d8438b9f0684092dd84dd25fdb9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6003/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
926920b5793853b247a3f9af35fb90b852a2d96b13998d9f548e61e320f891fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish, 1.1 varnish
age
3169251
edge-cache-tag
501898018763052567145069362010418137997,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
98
expiration
expiry-date="Sun, 24 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
content-length
30188
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Thu, 23 Sep 2021 07:38:03 GMT
server
nginx
x-timer
S1636688266.605940,VS0,VE0
etag
"61abc1a7e9d1bb6497bfbc0a26f8b9e5"
x-served-by
cache-wdc5573-WDC, cache-dca12929-DCA, cache-fra19166-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
setuid
prebidserver.pixfuture.com/ Frame 3239
Redirect Chain
  • https://pixfuture-inv-nyc.admixer.net/adxcm.aspx?gdpr=&gdpr_consent=&us_privacy=&redir=1&rurl=https%3A%2F%2Fprebidserver.pixfuture.com%3A8000%2Fsetuid%3Fbidder%3Dadmixeropenrtb%26gdpr%3D%26gdpr_con...
  • https://prebidserver.pixfuture.com:8000/setuid?bidder=admixeropenrtb&gdpr=&gdpr_consent=&f=i&uid=1febdac1a0e64b97a0fb4a1976418a77
86 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebidserver.pixfuture.com:8000/setuid?bidder=admixeropenrtb&gdpr=&gdpr_consent=&f=i&uid=1febdac1a0e64b97a0fb4a1976418a77
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Server
157.245.94.128 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://prebidserver.pixfuture.com:8000/setuid?bidder=admixeropenrtb&gdpr=&gdpr_consent=&f=i&uid=1febdac1a0e64b97a0fb4a1976418a77
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
k7p8nwyhzogckukm3nio.mp4
c3.taboola.com/libtrc/static/video/v1636034985/ Frame 132F 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/v1636034985/k7p8nwyhzogckukm3nio.mp4
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
270b0bec4335dc02366aee6ded737cd4f6700b5b2a313f392deacdfcf9de55c2

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
2kwQ0lYk85pcJgRgbeeCGSrNxxkPTM6R
via
1.1 varnish
etag
"816e49e9fd874d3ef470750f44e875c5"
age
87
x-cache
HIT
Content-Range
bytes 0-1444502/1444503
x-amz-replication-status
COMPLETED
Content-Length
1444503
x-amz-id-2
cIcS7J0XhciEuIcpdqb2ElmvskmqF8hPhf6vtbEDtXawrQRXGyPbKzl1xjRwS/la08MiPPmnlN0=
x-served-by
cache-fra19166-FRA
last-modified
Thu, 04 Nov 2021 14:09:58 GMT
server
AmazonS3
x-timer
S1636688266.655358,VS0,VE0
date
Fri, 12 Nov 2021 03:37:45 GMT
x-amz-request-id
12EAYM9MCRYKWJ8X
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
92
x-cache-hits
0
st
imprammp.taboola.com/ Frame 9459 		1 KB
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=undefined&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=058D7DAB5772731722059600057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636688266.638109,VS0,VE14
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 9031 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:45 GMT
content-type
text/html;charset=ISO-8859-1
machineid
9405
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame 132F 		1 KB
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=462&height=259&pubid=169497&tagid=953497&crid=4711345&noaop=3&sortOrderType=0&cb=1636688265238&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1295&pt=1358769458&tz=0&viewable=true&ddast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=3&sd=undefined&dtagid=1205345&dpubid=224845&abtst=adh5c-1_vA!adh5c_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.oann.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ef6bb12ff01a4a03c00ae073a6e3d370654e4901f6885d9a527c9258310affd

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
content-encoding
gzip
access-control-allow-origin
https://www.oann.com
machineid
1469
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19166-FRA
pragma
no-cache
server
nginx
x-timer
S1636688266.649301,VS0,VE49
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ Frame 132F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=31589837&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1636688263364.4!ts:1636688265231&mntl=3
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
content-length
0
server
nginx
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 8070 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:29:55 GMT
x-content-type-options
nosniff
age
137270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 13:29:55 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 8070 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:32:05 GMT
x-content-type-options
nosniff
age
252340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Nov 2022 05:32:05 GMT
get
c.disquscdn.com/ Frame 8070 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2FBDAS-1024x630.jpg&key=DShhPKhZUaTlmiV3Qzdcow&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6260ea4c4d663dec4483a6a7d98f65e5f55d9e82a23195b3d6f9a4d1ea6365a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 21:37:31 GMT
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
23292
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
12329
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
kfQjefzx-eciTQUtoelHgW6LantErAQVPc8psyd94NKuPgkuJg_kZQ==
expires
Sat, 11 Dec 2021 21:37:31 GMT
get
c.disquscdn.com/ Frame 8070 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2FAP21314608551599.jpg&key=ZukG_FsiX7frgH2wIccntg&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
33aa4838b28dc0e8a3a432547061468fb23b9ea056acee71149f79048f427329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 19:55:52 GMT
via
1.1 6ef654a6fd950af1eb6fc4790b972c72.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28866
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
17401
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
tRAUaQpd9k8TrIeUYausOClG6fxOYmoVxhLb79XRRdFKQ3tqueaxlQ==
expires
Sat, 11 Dec 2021 19:55:52 GMT
get
c.disquscdn.com/ Frame 8070 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2F2021-11-11T232403Z_1_LYNXMPEHAA1CA_RTROPTP_0_USA-TREASURY-SANCTIONS_1.jpg&key=vrQRDasG4e4jEr_MAwPTXA&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ba5bf9aba1e50f7225c71ba355a9a0c03eb83ad935d7229fe1b0b5330e3e596a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 02:23:24 GMT
via
1.1 92ed8a6103fa735c31caf49b92d4efb7.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
13414
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
8730
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
Wr_SoiUCLh-vhdSEWuEBRdlRRd8PLgotkkad6gFDfrtsO6rxEfBKCA==
expires
Sun, 12 Dec 2021 02:23:24 GMT
get
c.disquscdn.com/ Frame 8070 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2Fhate-1024x630.jpg&key=W44d7u8EhaLxUHEuhrpnGQ&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
86825242f6d00d72098ec198ad35f620d0543e171ee8d80555f0374a1930b523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 23:49:15 GMT
via
1.1 4e6e9c8ad6e40529a0e7659f2f4c5f28.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
17374
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
16588
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
TxNOEmd3Y_57h-xtHKHSf049dZsOF3mwjlDPGZvsvqlh3Czd0LMU7A==
expires
Sat, 11 Dec 2021 23:49:15 GMT
get
c.disquscdn.com/ Frame 8070 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2Ffgsd.jpg&key=Cdh-VG2Zqr1Mbjt8JHgGDg&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
835e0f43f4e82cb51c71996064baf3f81f8086a32ebc7076e908d56ab44b07d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 00:25:57 GMT
via
1.1 122cd39a473c6e4835362753fc929a09.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
16657
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
15042
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
drhqzTC0sdrLd00NFOkal3j4ePp-UMHSugkNQNIxaROKuXRB770IAg==
expires
Sun, 12 Dec 2021 00:25:57 GMT
get
c.disquscdn.com/ Frame 8070 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2FGAVINS-1024x630.jpg&key=xX3DniedT45nZD7hZtZWEg&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e1b4d7a7f8a7d8dbbf69a27da147dd5d5f181388992272b1e731b046e215320c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 01:44:08 GMT
via
1.1 4e6e9c8ad6e40529a0e7659f2f4c5f28.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
8041
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
7171
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
AdrzXrkHHehFLaXxPDh1T7UfQBAkiwDKr2S-5UaKvst28Ie9-d5BLw==
expires
Sun, 12 Dec 2021 01:44:08 GMT
get
c.disquscdn.com/ Frame 8070 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2FFDGSD.jpg&key=4GbC98IDqEbLTZ5tQnuxdw&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
84326647214c7d75e10c5f86929914bed369a9319ddd49f66c686b9e6358c3c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 00:25:25 GMT
via
1.1 92ed8a6103fa735c31caf49b92d4efb7.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
16436
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
16803
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
qizHWExtz10Ww90Og_haL8ezQIEF1SC34Tpt2ZM8Ie_bB6Rte7AIjw==
expires
Sun, 12 Dec 2021 00:25:25 GMT
get
c.disquscdn.com/ Frame 8070 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/get?url=https%3A%2F%2Fdzm0ugdauank9.cloudfront.net%2Fwp-content%2Fuploads%2F2021%2F11%2F2021-11-11T200427Z_1_LYNXMPEHAA172_RTROPTP_0_TEXAS-SECURITY-TRAVISSCOTT-STATEMENT_1-450x630.jpg&key=oK26lZlxZpUTEnca0qYBrA&h=200
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5a047caf3001106af3953c7a389cc558b150fb54c95add7f26d037ea543b5290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 21:37:31 GMT
via
1.1 1bd7d779bed244375679d82e1821cc3d.cloudfront.net (CloudFront), 1.1 09211df9a08903bbbc04e39ab4e6f301.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
25981
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy
cross-origin, cross-origin, cross-origin
content-length
4588
x-xss-protection
1; mode=block
x-served-by
static-web-1
referrer-policy
no-referrer-when-downgrade
server
nginx
x-cache-hits
0
content-type
image/jpeg
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
5JxhS8vu44_UypszsIklSTcCal_J7QTl-CMwmmCVekGbt1n4dtPkcQ==
expires
Sat, 11 Dec 2021 21:37:31 GMT
u6lgzdloonsvi8gw5vsj.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598426398/ Frame 132F 		342 KB
343 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598426398/u6lgzdloonsvi8gw5vsj.mp4
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
954cf82356dc90e3a5c0e1d4ae4eea01026abd90f817835021c3d9a5268a83ac

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
wr7RB.iMdWJLBoe8SxZPnHWraWQdEAry
via
1.1 varnish
etag
"9e2b18afe889a9c285b4d42d3625193b"
age
103
x-cache
HIT
Content-Range
bytes 0-350488/350489
x-amz-replication-status
COMPLETED
Content-Length
350489
x-amz-id-2
AYk8HzN71ieo3q/UVQsLtQIATQ43hQxM8qATOuQYVOAQkS0WooVdPR6xkqI2yUnwohKKJWA9W9w=
x-served-by
cache-fra19166-FRA
last-modified
Wed, 26 Aug 2020 07:20:04 GMT
server
AmazonS3
x-timer
S1636688266.688230,VS0,VE1
date
Fri, 12 Nov 2021 03:37:45 GMT
x-amz-request-id
KAJP17M61Z6DDR45
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
92
x-cache-hits
0
embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
platform.twitter.com/embed/ Frame C1E4 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6725)
Age
187308
Etag
"243d823d043564092099acd4323c5b02+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
9316
embed.ondemand.i18n.en-js.f16741b6fb21a128fd90.js
platform.twitter.com/embed/ Frame C1E4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.f16741b6fb21a128fd90.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
bab164d85e467a11e91cec9a64238e29bc0e5b0d6d8c107ebe2a4f19a7e99ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67DF)
Age
187306
Etag
"9f3c8a5e2dd560ec891c95f951f5617c+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1766
bulk
trc.taboola.com/disqus-widget-oann/log/3/ Frame 132F 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-oann/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1636688266.810474,VS0,VE9
x-served-by
cache-fra19166-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
sync
taboola-supply-partners.tremorhub.com/ Frame 9459 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=undefined&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=058D7DAB5772731722059600057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:542e:84b1:1361:c28e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 9459 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=undefined&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=058D7DAB5772731722059600057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9459
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
0
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=undefined&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=058D7DAB5772731722059600057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
8180

Redirect headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
25
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 9459 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=undefined&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=058D7DAB5772731722059600057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 9031 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 9031 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:542e:84b1:1361:c28e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9031
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
0
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
8180

Redirect headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e67ad1e9-4369-11ec-b9ca-18b2794d0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
2
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 9031 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
ads57.adtelligent.com/display/ Frame FBAC 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
cf1ea092633db48d56088c6998f565e2c0d3103af54dfe7836b8c796fe1c06c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
13750
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 3239 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:45 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 14 Nov 2021 03:37:45 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
platform.twitter.com/embed/ Frame C1E4 		383 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) /
Resource Hash
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67A8)
Age
187308
Etag
"28a37f9b17808aa66f17b1c227be059e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
96013
embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
platform.twitter.com/embed/ Frame C1E4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/6711)
Age
187308
Etag
"c247e426d2ec154064a87aaff54defce+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5857
embed.ondemand.Tweet.491eda648dcd5ba41f52.js
platform.twitter.com/embed/ Frame C1E4 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.491eda648dcd5ba41f52.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.5b28e1eb2ce7e3cfb96b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
ad08bd3100213ec0dee3b3dc030401d6d98c9e61f5719e6296ed7cbdc6ea3588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1458904181540995079&lang=en&origin=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&sessionId=6cdd71d210df1c09d32d5179b0a61410ce4fe9c9&theme=light&widgetsVersion=f001879%3A1634581029404&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 23:26:51 GMT
Server
ECS (frb/67DF)
Age
187308
Etag
"a7263afbfe059e9c928fa468a7e9ab79+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
15943
tweet
cdn.syndication.twimg.com/ Frame C1E4 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1458904181540995079&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D6B) / Express
Resource Hash
402ad6873594f3308b4c812c4a5e608a6f34a44144d29d6a20a1779675609184
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"547-+V5xgURN405pgL/rhXTTSsSqfSs"
age
52
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
733
x-xss-protection
0
x-response-time
139
last-modified
Fri, 12 Nov 2021 03:36:54 GMT
server
ECS (lcy/1D6B)
x-frame-options
SAMEORIGIN
date
Fri, 12 Nov 2021 03:37:46 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
a3d42c872e09ed9d6071e43b42bca13035960a8bd994a7649538021df82cd0b9
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
sync.js
ads57.adtelligent.com/ Frame FBAC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/sync.js?aid=500592
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e36bee9cb76dfe1db7283acdcdb0d9a74776df04ca9f0d80cb73293bcefcd35f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
1019
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=0&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=2003&nested=0&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
nmedianet.js
contextual.media.net/ Frame 3B5A 		130 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f6322dd58c45c38fb430b9d673a5bccdcdbcf19681870e03c163e7595fd13646
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-mnt-h
8-32
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"b4083998de6c4095e4767f8db4313280"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 12 Nov 2021 03:37:46 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-21
expires
Fri, 12 Nov 2021 03:42:46 GMT
log
qsearch-a.akamaihd.net/ Frame 3B5A 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=appnexus&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=19372499&other_prv=9&jar_err=&current_day=5.0&req_id=4933841748388469148&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0660&bd_m2=0.0000&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=13.0141&exp=&second_bidder=*&search_res=48&floor_bucket=0.05&seat=&size=300x250&url_l1=federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe&f_seg=&prdp=0.0988&local_wr_url=0.0000&ogcbdp=0.1900&dfpbd=0.0988&server=1&ogerpm_wd_bkt=0-1&model_version=202111112113_generic_appn_2-dn_1&viewability=0.3200&dmm_r=2.0740&cut=48&dmm_l=0.0120&as_cache=0&tcyerpm=&sc=BY&send_erpm=true&dmm_m9=0.0000&sd=0&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/&bidrestime=1636688265415&cc=DE&strg=harmony&ss=&current_hour=3&time_stamp=2021-11-12+03:37:45&model_key=generic_appn_2-dn_1&rvshhon=&mul_ratio=0.0000&bdp=0.1900&ct=Oberstdorf&akey=&mnckfl=0&bdp_bucket=0.20&algo=default&dc=eu_be&splid=19372499&dim4=exploration&dn=oann.com&ua=Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.54+Safari/537.36&dmm_m10=463366&bdp_wider_bucket=1&acid=4933841748388469148_6212596354550269364&infl=&o_ver=NT+10.0&br_ver=95.0.4638.54&bdmm_m6=0.0000&bdmm_m7=1.5080&bdmm_m5=0.0000&ver=8.3&totalTimeBucket=3&visibility=0&totalTime=3215940&dmm_m1=2021-11-12+03:37:45.417222538&e_rpm=0.2390&dmm_m22=0.0000&gdpr=&vsid=EEA0000&log_less=false&ogerpm_used=false&bdmm_m12=1.5080&cid=8CU6M287B&rawbid=0.1900&sub_bidder=0&pbshr=100.0000&dmm_d10=0&o_id=101&clisp=rtb-common-5b7d448845-km5n8.BE&dfp_bucket=0.10&adblk=&itype=appnexus&pvid_seat=9&cliIP=1539798528&advurl=content.businessinfoline.com/&level_base=0&crid=856004011&sat=1&br_id=265&cut_bkt=50&iwb=1&dmm_d22=0.01&second_bid=0.000000&sc_pvid=9&capd=0&other_bids=0.19
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-66.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 12 Nov 2021 03:37:46 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 3B5A 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=13310
access-control-allow-credentials
true
content-length
62892
expires
Fri, 12 Nov 2021 07:19:36 GMT
it
fra1-ib.adnxs.com/ Frame 3B5A 		0
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/&e=wqT_3QLXBfBM1wIAAAMA1gAFAQiJw7eMBhC0i-zu_-7km1YYoOrzuvz2ys5wKjYJ8tJNYhBYuT8RKNpVSPlJtT8ZAAAAgD0K_z8hKNpVSPlJtT8p8tIJJNgxAAAAwPUovD8w07OeCTjRGECVCUhgUMSDvpEBWIqfigFgAGjb7qEBeNrVBYABAYoBA1VTRJIBAQb0SAKYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgC50PgAsPLWeoCgQFodHRwczovL3d3dy5vYW5uLmNvbS9mZWRlcmFsLWNvdXJ0LW9yZGVycy1iaWRlbnMtZG9qLXRvLXN0b3AtZXh0cmFjdGluZy1kYXRhLWZyb20tcGhvbmVzLW9mLXByb2plY3QtdmVyaXRhcy1mb3VuZGVyLWphbWVzLW9rZWVmZS-AAwCIAwGQAwCYAxSgAwGqA0ESGDQ5MzM4NDE3NDgzODg0NjkxNDhfc2JpZBoTNjIxMjU5NjM1NDU1MDI2OTM2NCIJMzA1MTAzMzAwKgVNMTE3M8ADrALIAwDYA53IpwHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA05MS4xOTkuMTE4Ljc0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBMSDvpEB-gQSCQAAAOA0D0lAEQAAAKBcXiFAiAUBmAUAoAWcs7-1392hvESqBRAzOUI2ODM1QkIzNTRGMzk3wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH2tUF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Ae66wM.&s=3f2b5502f38eebcb358d1eb01d0608c155925156&pp=0.0830
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:45 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c152374d-c003-49cc-b5b1-d5c2afd380a9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/221/ Frame 3B5A 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/221/trk.js
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Encoding
gzip
Age
841121
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29240
X-Served-By
cache-lga21932-LGA, cache-fra19130-FRA
Access-Control-Allow-Origin
*, *
Last-Modified
Tue, 02 Nov 2021 09:57:21 GMT
Server
AkamaiNetStorage
X-Timer
S1636688266.994131,VS0,VE0
ETag
"f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 02 Nov 2022 09:59:04 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 1906601
score.min.js
js.ad-score.com/ Frame FBAC 		310 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000152
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ce00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5c8d982e95c7ec847815c750b1948bd3cb2e007cfc04298036fe98f8f6af7756

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 17:41:08 GMT
Content-Encoding
gzip
Age
35798
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 11 Nov 2021 17:41:08 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
60IH2sqAh2gDpiMTP64BW__GSvcdhZZ0KLz19483D4NVqQAq8V1nUA==
Expires
Fri, 12 Nov 2021 17:41:08 GMT
request
aux-log2-ah.adtelligent.com/scoring/ Frame FBAC 		0
0
impression
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=true&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=529070&nestedLevel=0&tti=123&ttiFromStart=22&adid=39B6835BB354F397&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
csync
sync.adtelligent.com/ Frame 5147
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=dcd0568f-0725-4172-8200-f3ef41aa761a
0
0
sync.html
s.console.adtarget.com.tr/ Frame 1D8D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/sync.js?aid=500592
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b49c16c9ff5eb6a3215c8fb60d2af437b51553818e478106b24ad635114e6204

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
VertaMedia 1.0
Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
880
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
d
ic.tynt.com/r/ Frame 5F0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/sync.js?aid=500592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx/1.16.1
date
Fri, 12 Nov 2021 03:37:46 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
onetag-sys.com/usync/ Frame C675 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/sync.js?aid=500592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame 060E
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/sync.js?aid=500592
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b1a85e21ff9fb900f35f49ca67d4904a300f99ec3a318dd419fcf1782b81584b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 12 Nov 2021 03:37:46 GMT
x-sid
AMS-731
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
x-sid
AMS-731
sync.html
s.adtelligent.com/ Frame 7D7B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/sync.js?aid=500592
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
373d499fc663925468122681df40e34455d7883c2c1ebba57aa22990fc38853c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
VertaMedia 1.0
Date
Fri, 12 Nov 2021 03:37:45 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
786
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame FBAC 		0
0
csync
sync.adtelligent.com/ Frame FBAC
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
0
0
csync
sync.adtelligent.com/ Frame FBAC
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
0
0
prebidserver
lockerdome.com/usync/ Frame FBAC 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockerdome.com/usync/prebidserver?pid=11201047612067584&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285400%26extuid%3D%7B%7Buid%7D%7D
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:46 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
image/gif
ETag
W/"2b-J5MV1QeFXGpDUeHiwvOd2c0vzNg"
Content-Length
43
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
csync
sync.adtelligent.com/ Frame FBAC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
0
0
csync
sync.adtelligent.com/ Frame FBAC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
0
0
usync.html
eus.rubiconproject.com/ Frame 64F4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame 6E8E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&cmcv=&pix=undefined&cb=1636688265231&uv=3065&tms=1636688265231&abt=adh5c-1_vA!adh5c_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=058D7DAB5772731722059600057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
jot
syndication.twitter.com/i/ Frame C1E4 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636688265669%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221458904181540995079%22%5D%2C%22item_details%22%3A%7B%221458904181540995079%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
109
pragma
no-cache
last-modified
Fri, 12 Nov 2021 03:37:46 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
fdba8230757dc1ad4d70aaabb8a5a1377237a3bf93f0bd55217fc7cd7ad2b466
x-transaction
26c26fc522b8824f
expires
Tue, 31 Mar 1981 05:00:00 GMT
smtr
contextual.media.net/ Frame 3B5A 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUL2446F&cpcd=XwoV-NCuQXHq_FbmS-SljQ%3D%3D&crid=421632617&size=300x250&cc=DE&chnm=HARMONY&pid=8PO15FLE3&tpid=T92M8NE&https=1&vif=1&requrl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&nse=5&vi=1636688266572666372&lw=1&ugd=4&adt1=8CU6M287B&adt2=856004011&bcpf=B48fOnRrolnfOur8/44qqq4z&bdrId=9&katbid=-103&ntv=0&katpre=1&nb=1&adomain=https%3A%2F%2Fcontent.businessinfoline.com
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL2446F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6fb68421a36469862d282355231ad2ed9721295167f92a9dd905ccfb1b85b185
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=604800
content-length
26480
expires
Fri, 12 Nov 2021 03:37:46 GMT
checksync.php
contextual.media.net/ Frame 9988 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUL2446F&https=1&itype=CM
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
709033745e0a4c31005075fbee6efd0625b52ae985cfbd0dc9efba6cd0e935b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 14 Nov 2021 03:37:46 GMT
date
Fri, 12 Nov 2021 03:37:46 GMT
content-length
5715
bping.php
lg3.media.net/ Frame 3B5A 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRVCXX19&cid=8CUL2446F&crid=421632617&vi=1636688266572666372&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781338&r=1636688265735&requrl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=62240&vgd_rakh=1636688265119662145&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_pgid=p1389283522t202111120337&vgd_pgids=1&vgd_uspa=0&hvsid=00001636688265731015397985285324&gdpr=1&vgd_end=1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 12 Nov 2021 03:37:46 GMT
checksync.php
contextual.media.net/ Frame 3422 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99,77,3018,4,246,10000,9,2033&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c1582c1dab7b77ffca68fec091dddc182e87610ec23245a3086fd44eeb148ac
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 14 Nov 2021 03:37:46 GMT
date
Fri, 12 Nov 2021 03:37:46 GMT
content-length
7795
clog
hblg.media.net/ Frame 3B5A 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&prvAccId=421632617&ckfl=0&lper=1&mx_tgs=300x250&cbdp=0.099&mx_nsz=1&csex=0&spSource=0&insl=0&vid=4933841748388469148&pvdTmax=110&s_city=frankfurt+am+main&ltime=16.0&ugd=4&epc=421632617&prvReqId=77509237462110_841242135_856004011191&exp=sfl=false|ssBucket=0|bfl=-100|clt=2|fl_rl=1|ssProfile=0|dbr=1|tpi=1&zip=87561&app=0&ctr=-1.0&exid=31&spFst=0&mx_TAF=2&mx_GCID=0&cliIPType=v4&device_id=4&pexid=APPNEXUS-1798592&ae=false&brsrclk=0&mx_UCC=1&sbdrid=99&prspt=headerBid&concat%3C%3E=IAB12-2
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 12 Nov 2021 03:37:46 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 12 Nov 2021 09:37:46 GMT
checksync.php
contextual.media.net/ Frame 258C 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99,77,3018,4,246,10000,9,2033&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=APPNEXUS
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c1582c1dab7b77ffca68fec091dddc182e87610ec23245a3086fd44eeb148ac
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 14 Nov 2021 03:37:46 GMT
date
Fri, 12 Nov 2021 03:37:46 GMT
content-length
7795
async_usersync.html
acdn.adnxs.com/dmp/ Frame 440D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1798592
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 13 Nov 2021 03:37:48 GMT
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 3B5A 		0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/&e=wqT_3QKWBfBMlgIAAAMA1gAFAQiJw7eMBhC0i-zu_-7km1YYoOrzuvz2ys5wKjYJ8tJNYhBYuT8RKNpVSPlJtT8ZAAAAgD0K_z8hKNpVSPlJtT8p8tIJJNgxAAAAwPUovD8w07OeCTjRGECVCUhgUMSDvpEBWIqfigFgAGjb7qEBeNrVBYABAYoBA1VTRJIBAQb0IAGYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgC50PgAsPLWeoCgQFodHRwczovL3d3dy5vYW5uLmNvbS9mZWRlcmFsLWNvdXJ0LW9yZGVycy1iaWRlbnMtZG9qLXRvLXN0b3AtZXh0cmFjdGluZy1kYXRhLWZyb20tcGhvbmVzLW9mLXByb2plY3QtdmVyaXRhcy1mb3VuZGVyLWphbWVzLW9rZWVmZS-AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOdyKcB4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQNOTEuMTk5LjExOC43NKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ATEIUTwSfoEEgkAAADgNA9JQBEAAACgXF4hQIgFAZgFAKAFnLO_td_dobxEqgUQMzlCNjgzNUJCMzU0RjM5N8AFAMkFAAAAAAAA8D_SBQkJBQt8AAAA2AUB4AUB8AX1pAn6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0Aav8QHaBhYKEAkSGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUlIGAAgADAAOLoGQADIB9rVBdIHDQG9BQEBOAjaBwYJJzDgBwDqBwIIAPAHuusD&s=bf0e7174a7191c611749ea1418fb71ae9c1b1ca6&bdref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F,https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F,https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F,https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9a467405-5b3d-4b06-ae19-f9de6ee1d514
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 132F 		254 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
14335
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by
cache-fra19166-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1636688266.185474,VS0,VE0
date
Fri, 12 Nov 2021 03:37:46 GMT
x-amz-request-id
E8X2YXVA73E9K5Z9
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
92
x-cache-hits
1283
zKkpeJkh_normal.jpg
pbs.twimg.com/profile_images/1297514736708452354/ Frame C1E4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1297514736708452354/zKkpeJkh_normal.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
2427ed994cef14dd1cc30416a02b5439ee0201cd32666635fedbe2e67125844a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
x-content-type-options
nosniff
age
426259
x-cache
HIT
content-length
2187
x-response-time
123
surrogate-key
profile_images profile_images/bucket/5 profile_images/1297514736708452354
last-modified
Sun, 23 Aug 2020 12:41:14 GMT
server
ECS (frb/67BC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
d90b35c0eb5609242a258ca4fdbc03591cbebbe737062a5bab4e551756b863d8
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
cors
data.ad-score.com/data/ Frame FBAC 		50 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=WtWkRBGawuvUoCKATHoeLBQpGKgyQFjo-FE7fPshldVrkKDQb03rJEkLJ-E0zCOstiaVbkPg==&pm_ct=08b7edc9f5b6a57154868ea7&pm_pl=1636688265850&pm_td=8&pid=1000152&en=1.1&callback=__pm_glbl_mT6xxTkZjiY8zJ5wiiHRGts6._gc1&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a58aee6e8647697a305cd3d4e54abd6738d0ef436e7ad1f9c70ebce915be740c

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 5C63 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000152
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ce00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fea09e4a9d33b00dc8fd1c86941b21949588a97b2f0d6331de0174e397e38850

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Encoding
gzip
Last-Modified
Thu, 11 Nov 2021 17:12:59 GMT
Date
Thu, 11 Nov 2021 17:41:08 GMT
X-Cache
Hit from cloudfront
Via
1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
eaeuMMYh8iexK6y-epxOkI6YmOdo8nAqeVzS4WJjPAXw9oJgaWSOsw==
Age
35798
truncated
/ Frame 03DA 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FBAC 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
FD8RnvNVQAcduj7
pbs.twimg.com/media/ Frame C1E4 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FD8RnvNVQAcduj7?format=jpg&name=small
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
a4c16846b9a682488c0d0f6afc74bab563faf25514fddcba5f7309ecb07cfb8c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
x-content-type-options
nosniff
age
23424
x-cache
HIT
content-length
46241
x-response-time
235
surrogate-key
media media/bucket/8 media/1458904178676285447
last-modified
Thu, 11 Nov 2021 21:05:15 GMT
server
ECS (frb/6772)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
c4146183609aea79d0a18af159214125bd5afc8d0b9c91c114ec1624219f27da
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=2003&nested=1&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=2002&nested=1&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=2002&nested=1&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=2002&nested=1&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:45 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
5aec66d4-5e80-4cb5-b7bc-ec69b96ab67c
https://www.oann.com/ Frame FBAC 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.oann.com/5aec66d4-5e80-4cb5-b7bc-ec69b96ab67c
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ Frame FBAC 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=WtWkRBGawuvUoCKATHoeLBQpGKgyQFjo-FE7fPshldVrkKDQb03rJEkLJ-E0zCOstiaVbkPg==&pm_ct=08b7edc9f5b6a57154868ea7&pm_pl=1636688265850&pm_td=484&pid=1000152&en=1.1&callback=__pm_glbl_mT6xxTkZjiY8zJ5wiiHRGts6._gc2&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:46 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame FBAC 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 64F4 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12169
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
usync.js
eus.rubiconproject.com/ Frame 6E8E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12169
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
um
u-ams02.e-planning.net/ Frame 060E
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D679a98072152b165
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame 060E
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&rndcb=6389834084
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&rndcb=6389834084
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be&google_hm=Y2E1NWZmYWYtYjAzOC00ODQ1LWEwNzQtNDE3ZmE1YjYz...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFASSOEOef3uoXcbPsHPQQs&google_cver=1&ssp=adconductor&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be
  • https://sync.1rx.io/usersync/bidswitch/ca55ffaf-b038-4845-a074-417fa5b634be?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd09719eb9e0b4fa7b0cfb78a75f3cf54003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 060E 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:46 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 060E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:46 GMT
um
u-ams02.e-planning.net/ Frame 060E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D679a98072152b165%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:46 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
8du67r9k80cqfqvu56rvpjub6nk8j9e3
ptag
a.audrte.com/ Frame 060E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7a349630f46773b993f243b2ef0f26a88304fde74466717161d74b09c6a9fd2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 060E 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:46 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 060E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D679a98072152b165%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:46 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 060E
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D679a98072152b165
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 12 Nov 2021 03:37:46 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 060E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D679a98072152b165%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dcec6d12-6800-4e45-ae60-da1af3e13a06
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 060E 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D679a98072152b165%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 060E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:46 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
u-ams02.e-planning.net/ Frame 060E
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D679a98072152b165%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Date
Fri, 12 Nov 2021 03:37:47 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
cors
data.ad-score.com/data/ Frame FBAC 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=WtWkRBGawuvUoCKATHoeLBQpGKgyQFjo-FE7fPshldVrkKDQb03rJEkLJ-E0zCOstiaVbkPg==&pm_ct=08b7edc9f5b6a57154868ea7&pm_pl=1636688265850&pm_td=523&pid=1000152&en=1.1&callback=__pm_glbl_mT6xxTkZjiY8zJ5wiiHRGts6._gc3&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cds-pips.js
cdn.taboola.com/scripts/ Frame 132F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211110-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
3489
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19166-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1636688267.778084,VS0,VE0
date
Fri, 12 Nov 2021 03:37:46 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
92
x-cache-hits
2854
usync.html
eus.rubiconproject.com/ Frame 3D91
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 669E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68224
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:46 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame BAF2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184-d
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E805 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68224
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:46 GMT
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 7D7B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
0
0
csync
sync.adtelligent.com/ Frame 7D7B 		0
0
truncated
/ Frame BA05 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BA05 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
res-a.akamaihd.net/__media__/fonts/Roboto-Bold/ Frame BA05 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-43.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Request headers

Referer
https://www.oann.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:46 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-60f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24816
vevent
fra1-ib.adnxs.com/ Frame 3B5A 		0
822 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/&e=wqT_3QLXBfBM1wIAAAMA1gAFAQiJw7eMBhC0i-zu_-7km1YYoOrzuvz2ys5wKjYJ8tJNYhBYuT8RKNpVSPlJtT8ZAAAAgD0K_z8hKNpVSPlJtT8p8tIJJNgxAAAAwPUovD8w07OeCTjRGECVCUhgUMSDvpEBWIqfigFgAGjb7qEBeNrVBYABAYoBA1VTRJIBAQb0SAKYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgC50PgAsPLWeoCgQFodHRwczovL3d3dy5vYW5uLmNvbS9mZWRlcmFsLWNvdXJ0LW9yZGVycy1iaWRlbnMtZG9qLXRvLXN0b3AtZXh0cmFjdGluZy1kYXRhLWZyb20tcGhvbmVzLW9mLXByb2plY3QtdmVyaXRhcy1mb3VuZGVyLWphbWVzLW9rZWVmZS-AAwCIAwGQAwCYAxSgAwGqA0ESGDQ5MzM4NDE3NDgzODg0NjkxNDhfc2JpZBoTNjIxMjU5NjM1NDU1MDI2OTM2NCIJMzA1MTAzMzAwKgVNMTE3M8ADrALIAwDYA53IpwHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA05MS4xOTkuMTE4Ljc0qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBMSDvpEB-gQSCQAAAOA0D0lAEQAAAKBcXiFAiAUBmAUAoAWcs7-1392hvESqBRAzOUI2ODM1QkIzNTRGMzk3wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF9aQJ-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBq_xAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH2tUF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Ae66wM.&s=3f2b5502f38eebcb358d1eb01d0608c155925156&type=nv&nvt=5&jm=1003&px=1016&py=1494&bw=300&bh=250&sid=8079944991538015388&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19372499&sw=1600&sh=1200&pw=1600&ph=4098&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2f142e10-685d-4ac1-9aa6-bbc924643814
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 9B2B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic&tc=1
0
0
/
ads.us.e-planning.net/uspd/1/ Frame FF0A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3f485a122de319ec8a3a203958f96f6002aceb4fbb3fc90112ed5d89c33dd453

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 12 Nov 2021 03:37:46 GMT
x-sid
AMS-731
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C4BC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68224
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:46 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame BC22 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
x-amz-version-id
RYuv7OHkGyBGhruGqt.WyYPuQOUx_v1g
server
AmazonS3
content-encoding
gzip
date
Fri, 12 Nov 2021 02:45:11 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
4NHmH9XpaINiX_FvN56EyOjKaxcXdTeXg-LWap6rq3LeTaL7sS4f7Q==
age
3155
cookie
cm.adform.net/ Frame AE14 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame A5F9 		251 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
GB
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
e45651a925419059481fb54fe5a60968
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 4AC9 		0
0
csync
sync.console.adtarget.com.tr/ Frame 1D8D 		0
0
log
c21lg-d.media.net/ Frame 3422 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=2796898669860212000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99,77,3018,4,246,10000,9,2033&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 12 Nov 2021 03:37:47 GMT
log
c21lg-d.media.net/ Frame 258C 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=2796898669860212000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU6M287B&prvid=99,77,3018,4,246,10000,9,2033&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=APPNEXUS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 12 Nov 2021 03:37:47 GMT
async_usersync
ib.adnxs.com/ Frame 440D 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3153&pub_id=1798592&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1798592
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:46 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ae3042ef-9dcf-4601-a2cf-ba2abffa910a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
campaign
ads57.adtelligent.com/tracking/ Frame FBAC 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads57.adtelligent.com/tracking/campaign?code=2003&nested=1&adid=39B6835BB354F397&cmpId=529070&aid=500592&i_top_domain=https%3A%2F%2Fwww.oann.com&event=1
Requested by
Host: ads57.adtelligent.com
URL: https://ads57.adtelligent.com/display/?adid=39B6835BB354F397&aid=500592&cb=1684978975
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5147::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:46 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
x.html
js.ad-score.com/ Frame 5C63 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000152
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ce00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 17:41:08 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 11 Nov 2021 17:12:59 GMT
Age
35798
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA60-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
lEhUtMiynXipOUIJEgLGypBUZvd1LDbz3if8tp8RJwDwaJGOyhWpQA==
Via
1.1 615f944336054ae07b8e7c415ddbad45.cloudfront.net (CloudFront)
sync.php
pixel.rubiconproject.com/exchange/ Frame 64F4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
cors
data.ad-score.com/data/ Frame FBAC 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=WtWkRBGawuvUoCKATHoeLBQpGKgyQFjo-FE7fPshldVrkKDQb03rJEkLJ-E0zCOstiaVbkPg==&pm_ct=08b7edc9f5b6a57154868ea7&pm_pl=1636688265850&pm_td=722&pid=1000152&en=1.1&callback=__pm_glbl_mT6xxTkZjiY8zJ5wiiHRGts6._gc4&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
pd
eu-u.openx.net/w/1.0/ Frame E2E5 		668 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
14b1cedf41b79647670c249f9d36bf7542bf00123f37e386b2b6cf4357bf2a0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 744E 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
882
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Fri, 12 Nov 2021 03:37:47 GMT
etag
"450f-5c7a90520f640"
expires
Fri, 12 Nov 2021 03:52:47 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
620897773
content-length
5566
async_usersync.html
acdn.adnxs.com/dmp/ Frame E491 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 13 Nov 2021 03:37:48 GMT
Date
Fri, 12 Nov 2021 03:37:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EEC9 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68223
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:47 GMT
vary
Accept-Encoding
sync.html
s.console.adtarget.com.tr/ Frame E928 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
8374538d37b7f0bd9b60b4088b2e6aa893e5bc763d6e738acdaef83df8ffec91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
VertaMedia 1.0
Date
Fri, 12 Nov 2021 03:37:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
876
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 4FC3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame CF89
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0726f4b9-e46b-4137-a1a7-ad37aab9b12d
0
0
/
onetag-sys.com/usync/ Frame 054C 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame 9CF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx/1.16.1
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
checksync.php
contextual.media.net/ Frame C998 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C2028%2C2027%2C236%2C237%2C2025%2C238%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C2037%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6d8b4fd932c77f091df092303087ebc50c0200922e2af2cc61c45b6194e486b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 14 Nov 2021 03:37:47 GMT
date
Fri, 12 Nov 2021 03:37:47 GMT
content-length
8178
/
ads.us.e-planning.net/uspd/1/ Frame 34E1 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e64fdd9ff113af56f4c6fdcc6ee3c4492d6ad8ca3444f42b582209796c3fec12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 12 Nov 2021 03:37:47 GMT
x-sid
AMS-731
content-encoding
gzip
check.html
biddr.brealtime.com/ Frame D94B 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
iThDOqIsDS8Lc8XERmO4THti/L0TNokZlU7KZ5ydViHoGsz8wSrXydQlClxKzw+8VZ9YuulUJ7s=
x-amz-request-id
5S3T1K5V2G9VMX3D
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
7091
Expires
Fri, 12 Nov 2021 03:38:47 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6accb94508f1695e-FRA
Content-Encoding
gzip
beacon
ap.lijit.com/ Frame D47B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13480300
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
nginx
Date
Fri, 12 Nov 2021 03:37:47 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ams1
/
ssc-cms.33across.com/ps/ Frame E999 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.177 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip177.208-100-17.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

x-33x-status
2000208
server
33XP003
date
Fri, 12 Nov 2021 03:37:46 GMT
sync.html
s.adtelligent.com/ Frame 4833 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
373d499fc663925468122681df40e34455d7883c2c1ebba57aa22990fc38853c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
VertaMedia 1.0
Date
Fri, 12 Nov 2021 03:37:46 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
786
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame 3239
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
0
0
csync
sync.adtelligent.com/ Frame 3239
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
0
0
csync
sync.adtelligent.com/ Frame 3239
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
0
0
csync
sync.adtelligent.com/ Frame 3239 		0
0
csync
sync.adtelligent.com/ Frame 3239
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
0
0
prebidserver
lockerdome.com/usync/ Frame 3239 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockerdome.com/usync/prebidserver?pid=11201047612067584&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285400%26extuid%3D%7B%7Buid%7D%7D
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
image/gif
ETag
W/"2b-J5MV1QeFXGpDUeHiwvOd2c0vzNg"
Content-Length
43
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
bql.php
lg3.media.net/ Frame BA05 		15 B
216 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&&vgd_l2type=sca&v=1&gdpr=1&geo=50.11%7C8.68&dlper=20&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=DE&wsip=170721352&bca=0&ugd=4&vgd_chost=&vgd_fcic=0&vgde_setid=Nfu&ksu=243&fdkt=391&kwd[]=Die+besten+Aktien+kaufen&kwt[]=391&kbc[]=1204722244&kwp[]=1&kid[]=326670668&kbc2[]=rps%3D0.15%7C%7Cps%3D0.628%7C%7Crpc%3D0.78%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Die+besten+Aktien+kaufen&kwd[]=Strom-Tarife+im+Vergleich&kwt[]=391&kbc[]=1204722244&kwp[]=2&kid[]=326676410&kbc2[]=rps%3D0.00%7C%7Cps%3D0.628%7C%7Crpc%3D0.53%7C%7Clvl%3D4.58&ktd[]=274894815488&ktrkt[]=Strom-Tarife+im+Vergleich&kwd[]=Aktien+mit+Zukunft&kwt[]=391&kbc[]=1204722244&kwp[]=3&kid[]=329464240&kbc2[]=rps%3D0.18%7C%7Cps%3D0.628%7C%7Crpc%3D0.51%7C%7Clvl%3D4.70&ktd[]=274894815488&ktrkt[]=Aktien+mit+Zukunft&kwd[]=Sch%C3%B6ne+Hochzeitseinladungen&kwt[]=391&kbc[]=1204722244&kwp[]=4&kid[]=154593889&kbc2[]=rps%3D0.76%7C%7Cps%3D0.628%7C%7Crpc%3D0.39%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Sch%C3%B6ne+Hochzeitseinladungen&kwd[]=Spuckschutz+aus+Plexiglas&kwt[]=391&kbc[]=1204722244&kwp[]=5&kid[]=330236268&kbc2[]=rps%3D0.62%7C%7Cps%3D0.628%7C%7Crpc%3D0.42%7C%7Clvl%3D5.00&ktd[]=274894815488&ktrkt[]=Spuckschutz+aus+Plexiglas&cid=8CUL2446F&vwid=1636688266572666372&vi=1636688266572666372&tdAdd[]=ib%3D0&vsid=2796898669860212000V10&kbbq=asn%3D62240%26&tdAdd[]=asnum%3D62240&vgd_l3_sc=he&vgd_hb_audit_1=8CU6M287B&vgd_hb_audit_2=856004011&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721352&vgd_nrrv=88671&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=frankfurt+am+main&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=10&vgd_l1rakh=1636688265119662145&sttm=1636688265731&upk=1636688266.2609&hvsid=00001636688265731015397985285324&verid=3111299&sbdrId=99&vgd_ecrid=305103300&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15FLE3&&abpl=2&&vgd_vstrid=EEA0000&vgde_bdata=ONvyNEoJxoBJQ7uoG~NUMkjv9~GwEv9~~QJjjJLM71yM8OvuiAhfHii~Q7OvuiAhfHii~875EJvK00I4tPb~e8Q8G8j875v9~N875vaR4Db_raDs~LJkMNz7vu~LM8Eviu.uii.uuW.9~LMQNvR3~LGmvXMA~G-M1uv9~OYYMOuv_~OYYMOfv_~OYYMOAv9~OYYMOHvu9~OYYMOXv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMOu9v9~OYYMOuAv99999u~OYYMOuHv9~OYYMOuXvu~OYYMOuFv9~OYYMOuhv9~OYYMOuWvA9~OYYMOuiv%3D~OYYMOfuvu~OYYMOffv9.9u~OYYMOfAv9~OYYMOfHvX~OYYMOfXv9~OYYMOfFv999~OYYMOfhv9~OYYMOfWvu~OYYMOfivu.H9~OYYMOA9vA.999~OYYMOAfvD~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~wNv9~OYYMOXuv9~OYYMOXfv9~OYYMOXAv99~OYYMjv9.9uf~OYYMLvf.9hH~JMLEYv9.fAi~OYYMYuv9.fAi~OYYMYfv9.99W~OYYMYAvu.999~OYYMYhvu.X9W~OYYMYu9vu.999~OYYMYuuv9.iFf~OYYMYufvu.X9W~OYYMYuAvF~OYYMYuHvfh~OYYMYuFvf.9hH~OYYMYfuvu.999~OYYMYfWvu.999~OYYMYA9vu.999~OYYMYAfv9.9FF~OYYMYAAvu.999~OYYMYAivuu99.999~OYYMYH9vuu99.999~JLEYv9.fAi~eGLv9~~G8Ov9.ui~OYYMOAivof~OYYMOXXvzxjj~G-M5GzJzevELmO~QxEEj5M71yM8OvuiAhfHii~e8JB1G8j875v9.AffHWh~NGOEv9.9ii~OYYvw1LYmz5~8zQjv9~O7NvJxMGJ~-8OvAuXA~LJkMNz7vu~O1jyvOJk1xj7~5QEvou~Gkj1yv9~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9FF~myG8Ov9.ui9~QJjjJLM71yM8OvuiAhfHii~N1LL8JLVOv9~ONx7vX9~OmyGv9ou~8GNvu~&vgd_optout=0&vgd_cfud=200610&vgd_l2ch=0&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=eu_be&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200&&vgd_uspa=0&vgd_sc=HE&vgd_l1rhst=contextual.media.net&hvsid=00001636688265731015397985285324&subBdr=99&bdrid=9&fp=RAbKfEACcTaid-c3CoQz_4WBOdB8fIslw0Ii8DdGY7JiI7Sen35Pyr7UhSGviiJXj1onYQD_siZfWa4jprzkZQHc9z4NPqryZWHaqeO0ivpurtWk1_asPpapwfmFlUAO&cme=oFh1FKHwjI5Y3yqAH4kH0klR9DbZ1RHR4cdSPYTq4zzrMCEZ3Y8b5lPTuqZFilKrWTZeS5XbxxLp5UdQLObbLYHpBmKC8mtZohCr82avM4_e5zRs_txfkpb9-1_q_6QlJ83Dix_ikbeH8z5nt4HHK92Ayr_O4AxUSF9mNBJTaD_CXKjGJFEzg0nqmd_kxA9XLejcKE9SlD-qab8GKnHiDaYmadX68j5cKSx_Y-cjsVY%3D%7C%7CqfinVeo8Q8FvnHtL_K8hcvDjvusl-iSIRhNskV5wHGsYt0k66wmO5J3PbEy78r27p6DJ0RZg8csHsPS1ituKBo6f2xU__6ksruB0HN1hdM4yikLpMCQho3wAv7lsVplm2SMZcpYTTHSayz6RDT6xIQ%3D%3D%7CMhSffBRfuCOyCp4u_bjS9Q%3D%3D%7CBfXmDjuObL3TShMgPs2QNnSySOOV0pjFFaIfT5CfSPXwL4Y21Kc0GzmdJIHDLmqi9D-W8B9xDyB1vcSKbDEVC7BV2k8kNhdKOdzRyE18wzqqjmY_pxnYVYZyx9B7Ks20TuDhIZVvCm5WZbDvURA1ojkPc5N6JB9v-NN4nvVfV6JN3L12OBr-mHg3_bdKsoQVd19H9FoFDIxjWLi3kiJrvWO1wqFdx2Wa1LGe66s2s7w%3D%7CECZQquDAdXO219s_zvdUcg%3D%3D%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cu8A6SM53vAeDX2gxB2l7q9coRgBZkbzd%7CqW9EDLQjNmyfD_o5UlKraJFN-uy2dHlb%7CgNTUc7MBYV04UVzmztpDDQ%3D%3D%7C&rc=0&rand=1636688266410&acid=4933841748388469148_6212596354550269364&matm=1636688266410&requrl=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&vgd_x_pos=1016&vgd_y_pos=1494&vgd_ren_page_h=4098&vgd_ltime=1080&vgd_ltimesrc=1&vgd_l1hcsd=A32%7C7519&vgd_l1ch=1&vgd_lhl=2540&vgd_pgid=p1389283522t202111120337&vgd_csip=rtb-common-5b7d448845-km5n8.BE&vgd_sbSup=1&vgd_nrrs=88671&vgd_cntrdt=SL%7CDIV%7CBODY&oRurl=adomain%3Dhttps%253A%252F%252Fcontent.businessinfoline.com%26adt1%3D8CU6M287B%26adt2%3D856004011%26bdrId%3D9%26cb%3Dwindow._mNDetails.initAd%26cc%3DDE%26chnm%3DHARMONY%26cid%3D8CUL2446F%26cpcd%3DXwoV-NCuQXHq_FbmS-SljQ%253D%253D%26crid%3D421632617%26gdpr%3D1%26https%3D1%26katbid%3D-103%26katpre%3D1%26lw%3D1%26matchstring%3D%26nb%3D1%26nse%3D5%26ntv%3D0%26pid%3D8PO15FLE3%26requrl%3Dhttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%26size%3D300x250%26tpid%3DT92M8NE%26ugd%3D4%26vif%3D1&vgd_end=1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-140-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 12 Nov 2021 03:37:47 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 12 Nov 2021 03:37:47 GMT
/
pips.taboola.com/ Frame 132F 		64 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
03029f972fd23e76501c39218d0397ce49c8a304199e1c7577c28b7143dd3c16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19150-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.oann.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
jot
syndication.twitter.com/i/ Frame C1E4 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1636688266691%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%222b31904%3A1636484198898%22%2C%22item_ids%22%3A%5B%221458904181540995079%22%5D%2C%22item_details%22%3A%7B%221458904181540995079%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1508.7000045776367%7D&dnt=1
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Fri, 12 Nov 2021 03:37:47 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
fdba8230757dc1ad4d70aaabb8a5a1377237a3bf93f0bd55217fc7cd7ad2b466
x-transaction
a92ccd0400a01495
expires
Tue, 31 Mar 1981 05:00:00 GMT
usermatch
ssum.casalemedia.com/ Frame 245D 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
348ee38cb62aba4eb75d387a79fc0a7bbb28db6bf01f5e2ee45face1dd843656

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|130|230|218|123|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1584
Expires
Fri, 12 Nov 2021 03:37:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame B7FA 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 659F 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c68188eac99450ac0c0d867b1253b2da1ac0cd4748cb79adc18177c8cd11eb6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb945ac8a5c68-FRA
content-encoding
br
cors
data.ad-score.com/data/ Frame FBAC 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=WtWkRBGawuvUoCKATHoeLBQpGKgyQFjo-FE7fPshldVrkKDQb03rJEkLJ-E0zCOstiaVbkPg==&pm_ct=08b7edc9f5b6a57154868ea7&pm_pl=1636688265850&pm_td=902&pid=1000152&en=1.1&callback=__pm_glbl_mT6xxTkZjiY8zJ5wiiHRGts6._gc5&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame BAF2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12168
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
usync.js
eus.rubiconproject.com/ Frame 3D91 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12168
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 64F4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 64F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVVTXO0H-1B-H0V7&sigv=1&esig=2~636630f6d9679d95a3ff6e31b6d1554ed50f1ea7&gdpr=1&us_privacy=1---
0
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVVTXO0H-1B-H0V7&sigv=1&esig=2~636630f6d9679d95a3ff6e31b6d1554ed50f1ea7&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVVTXO0H-1B-H0V7&sigv=1&esig=2~636630f6d9679d95a3ff6e31b6d1554ed50f1ea7&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 64F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjMzMjA3ZDdkNjg4NWE1YTNiM2Q4M2Y4YmU0ZjE5MjA3ZWQ1NGJjOA&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjMzMjA3ZDdkNjg4NWE1YTNiM2Q4M2Y4YmU0ZjE5MjA3ZWQ1NGJjOA&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjMzMjA3ZDdkNjg4NWE1YTNiM2Q4M2Y4YmU0ZjE5MjA3ZWQ1NGJjOA&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 64F4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=1&us_privacy=1---&_test=YY3hiwAAAb...
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY3hiwAAAbzr6wBG&gdpr=1&us_privacy=1---&_test=YY3hiwAAAbzr6wBG
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY3hiwAAAbzr6wBG&gdpr=1&us_privacy=1---&_test=YY3hiwAAAbzr6wBG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636688267.421444,VS0,VE0
x-served-by
cache-fra19156-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YY3hiwAAAbzr6wBG&gdpr=1&us_privacy=1---&_test=YY3hiwAAAbzr6wBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 64F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/hqg03KVIt8OYvtcA9AvRWMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5559525931425139763
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5559525931425139763
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Fri, 12 Nov 2021 03:37:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5559525931425139763
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 64F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEFpi3sl_-23es0lSAUf7ykw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEFpi3sl_-23es0lSAUf7ykw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEFpi3sl_-23es0lSAUf7ykw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 64F4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZWVFhPMEgtMUItSDBWNw==&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZWVFhPMEgtMUItSDBWNw==&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZWVFhPMEgtMUItSDBWNw==&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 64F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
/
cds.taboola.com/ Frame 132F 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=a284015e-a03f-4bac-8837-21742109eac8-tuct8876708&uad=e8d0b91c9842d0172f2e6db812bc67d15e4542ea5607449633373aa261d4e6b1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 12 Nov 2021 03:37:47 GMT
Cache-Control
no-store
Server
nginx
Connection
close
um
u-ams02.e-planning.net/ Frame FF0A
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D679a98072152b165
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=679a98072152b165
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame FF0A
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&rndcb=3566980764
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=adconductor&bds_param=ca55ffaf-b038-4845-a074-417fa5b634be
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=fe0ddc46-6c7a-4dd8-a657-5157ab353f6f&expires=10&ssp=adconductor&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be
  • https://sync.1rx.io/usersync/bidswitch/ca55ffaf-b038-4845-a074-417fa5b634be?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd09719eb9e0b4fa7b0cfb78a75f3cf54003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame FF0A 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame FF0A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
um
u-ams02.e-planning.net/ Frame FF0A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D679a98072152b165%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:46 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=679a98072152b165&uid=59aa3052-ff19-4751-90ca-53cfef66db91
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
6042m0m3hsv6slvelosg91dkp1ahagpg
ptag
a.audrte.com/ Frame FF0A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7a349630f46773b993f243b2ef0f26a88304fde74466717161d74b09c6a9fd2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame FF0A 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame FF0A 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D679a98072152b165%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame FF0A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D679a98072152b165
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame FF0A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D679a98072152b165%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9489425e-ceab-4f53-8713-d56a7a3124a6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=679a98072152b165&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame FF0A 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D679a98072152b165%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame FF0A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
u-ams02.e-planning.net/ Frame FF0A
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D679a98072152b165%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=679a98072152b165&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Date
Fri, 12 Nov 2021 03:37:47 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
bundle.js
cdn.admatic.com.tr/user/ Frame A5F9 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
3417d7a4766144a478a4a674fe41092c
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
PugMaster
image6.pubmatic.com/AdServer/ Frame 669E 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58399507&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
308120494d42a2dacd0acb8afae08f28abade21a9e73c382339db07b0a001418

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 4FC3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12168
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
sd
eu-u.openx.net/w/1.0/ Frame E2E5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e626618d-e18b-4900-b346-8a6c848cdf60
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e626618d-e18b-4900-b346-8a6c848cdf60
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e626618d-e18b-4900-b346-8a6c848cdf60
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:46 GMT
p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame E2E5 		0
0
sd
eu-u.openx.net/w/1.0/ Frame E2E5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1034124019680978443
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1034124019680978443
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1034124019680978443
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame E2E5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=6074bf9d-4686-74b8-fb46-93da6e3d191c&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E2E5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGMxYjZjNTctOGZmMS0yYTFjLWVlYTYtYzk2M2E0ZGZkNzdj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E2E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJB1mb1oPALXrKxC97MUQ5w&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJB1mb1oPALXrKxC97MUQ5w&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJB1mb1oPALXrKxC97MUQ5w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame 34E1
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D13da9cbf695e00d3
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=13da9cbf695e00d3
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=13da9cbf695e00d3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=13da9cbf695e00d3
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame 34E1
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2095%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5218368145
  • https://sync.1rx.io/usersync3/centro/2095/no-consent?zcc=0&sspret=1&rndcb=5218368145
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd09719eb9e0b4fa7b0cfb78a75f3cf54003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 34E1 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 34E1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
um
u-ams02.e-planning.net/ Frame 34E1
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D13da9cbf695e00d3%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=13da9cbf695e00d3&uid=59aa3052-ff19-4751-90ca-53cfef66db91
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=13da9cbf695e00d3&uid=59aa3052-ff19-4751-90ca-53cfef66db91
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:46 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=13da9cbf695e00d3&uid=59aa3052-ff19-4751-90ca-53cfef66db91
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
a1orim6jt8757pi0iutdm0sdhsggtoh7
ptag
a.audrte.com/ Frame 34E1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7a349630f46773b993f243b2ef0f26a88304fde74466717161d74b09c6a9fd2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 34E1 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 34E1 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D13da9cbf695e00d3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 34E1
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D13da9cbf695e00d3
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 34E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D13da9cbf695e00d3%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=13da9cbf695e00d3&uid=7051991869510472897
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=13da9cbf695e00d3&uid=7051991869510472897
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d7e53729-d06a-4442-8440-1a967716e2cd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=13da9cbf695e00d3&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 34E1 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D13da9cbf695e00d3%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 34E1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
u-ams02.e-planning.net/ Frame 34E1
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D13da9cbf695e00d3%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Date
Fri, 12 Nov 2021 03:37:47 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usync.html
eus.rubiconproject.com/ Frame 649D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4DB0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68223
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:47 GMT
vary
Accept-Encoding
cc.js
tags.crwdcntrl.net/c/15238/ Frame 060E 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:20:14 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
40654
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YtfisSxLZU4dQPY4uOMrQsVty9O5Y0ZnwZi9Qlk9V5VbZYRuJrqFyw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame CEED 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Nov 2026 03:37:47 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame 457A 		3 KB
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4331ba98f21b5e91c42f93623eac7feff7ef8ce546e3c15cebfd4af4c26d37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb946ef174de8-FRA
content-encoding
gzip
csync
sync.adtelligent.com/ Frame 8873 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame BAF2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
uu
ih.adscale.de/ Frame BC22
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1636688266
  • https://ih.adscale.de/uu?cbfn=receive&t=1636688266&nut&uu=b0dee3192cad4487afdc03251ae66aa7
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1636688266&nut&uu=b0dee3192cad4487afdc03251ae66aa7
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
86094af8d89a39d87451398f387cf6d59bf48e032492c1b27c3489ed9b2d42f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1636688266&nut&uu=b0dee3192cad4487afdc03251ae66aa7
date
Fri, 12 Nov 2021 03:37:47 GMT
content-length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3D91 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame E491 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
be344b8a-d42b-4813-933d-6a36e0a6cd27
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 7585 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e2c00e8c51ba79b5cd736fec373f82e5f3394d2ceedad43ba267e7bcc661b034

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 12 Nov 2021 03:37:47 GMT
x-sid
AMS-731
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A371 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68223
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:47 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 534D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
x-amz-version-id
RYuv7OHkGyBGhruGqt.WyYPuQOUx_v1g
server
AmazonS3
content-encoding
gzip
date
Fri, 12 Nov 2021 02:45:11 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
Rj54pzsZt0l9av-9XwmmfPLLCCD7irVbj3WEyVLE3lueI9byNVkbtw==
age
3156
cookie
cm.adform.net/ Frame 1A83 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 2262 		251 B
641 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
GB
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
7f42b125819ea3b0aff2a063f7ccd0a2
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame A9E8 		0
0
csync
sync.console.adtarget.com.tr/ Frame 24CC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
0
0
csync
sync.console.adtarget.com.tr/ Frame E928 		0
0
usync.html
eus.rubiconproject.com/ Frame DAF8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ACAD 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D13da9cbf695e00d3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68223
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:47 GMT
vary
Accept-Encoding
log
c21lg-d.media.net/ Frame C998 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=2796898669860212000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C2028%2C2027%2C236%2C237%2C2025%2C238%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C2037%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 12 Nov 2021 03:37:47 GMT
getuid
secure.adnxs.com/ Frame 245D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 245D 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 245D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2365734668697577057
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2365734668697577057
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:47 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2365734668697577057
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 245D 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.206.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-206-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 245D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:47 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
dpm.demdex.net/ Frame 245D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 245D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JTTjVY0qS5JtcVusoecQ11vHdko
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JTTjVY0qS5JtcVusoecQ11vHdko
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JTTjVY0qS5JtcVusoecQ11vHdko
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 245D 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636688268.533515,VS0,VE89
x-served-by
cache-fra19156-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
um
u-ams02.e-planning.net/ Frame 245D 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=679a98072152b165&uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame AA6F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184-d
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 06DC 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68223
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:47 GMT
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 4833
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
0
0
csync
sync.adtelligent.com/ Frame 4833 		0
0
getuid
ib.adnxs.com/ Frame 659F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMFKG54kWtDOuI1jusWWZYg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a9385...
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMFKG54kWtDOuI1jusWWZYg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb9485fa25c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMFKG54kWtDOuI1jusWWZYg&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=ec120d2c-953c-4462-a438-5fad45f00277&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ec120d2c-953c-4462-a438-5fad45f00277&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94999255c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=ec120d2c-953c-4462-a438-5fad45f00277&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 659F 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce569-a1fb-458a-4d4b-310e90dafe31%26reqId%3D7...
  • https://mwzeom.zeotap.com/mw?cid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb948b80f5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 659F 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
server
nginx
x-timer
S1636688268.558158,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19166-FRA
u
dmp.v.fwmrm.net/ad/ Frame 659F 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f606:b0c3:6468:eab1:934c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a9385...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb948b80d5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
date
Fri, 12 Nov 2021 03:37:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=bde59542-35d0-4d0b-9379-d1802b89ac9e&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=bde59542-35d0-4d0b-9379-d1802b89ac9e&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94b0abe5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=bde59542-35d0-4d0b-9379-d1802b89ac9e&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=74fce569-a1fb-458a-4d4b-310e90dafe31&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=74fce569-a1fb-458a-4d4b-310e90dafe31&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=37127328274913860432154452890004927553&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=37127328274913860432154452890004927553&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94b8ba25c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v019-092dc6a27.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1aom1Z69RUY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=37127328274913860432154452890004927553&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 659F 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7029522580518533270&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7029522580518533270&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94948ad5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7029522580518533270&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 659F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=74fce569-a1fb-458a-4d4b-310e90dafe31
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=74fce569-a1fb-458a-4d4b-310e90dafe31
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=74fce569-a1fb-458a-4d4b-310e90dafe31
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=74fce569-a1fb-458a-4d4b-310e90dafe31
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=74fce569-a1fb-458a-4d4b-310e90dafe31&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=74fce569-a1fb-458a-4d4b-310e90dafe31&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=zhRhOAKg8qKfMbHn1FEzCO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=zhRhOAKg8qKfMbHn1FEzCO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94aaa4f5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
last-modified
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=zhRhOAKg8qKfMbHn1FEzCO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b...
  • https://mwzeom.zeotap.com/mw?cid=1193297337061439951
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=1193297337061439951
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94b0ab45c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=1193297337061439951
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=74fce569-a1fb-458a-4d4b-310e90dafe31?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=74fce569-a1fb-458a-4d4b-310e90dafe31?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=ae1ef9dbcc63b13a6494acd785836c22&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-22...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=ae1ef9dbcc63b13a6494acd785836c22&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94ced475c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=ae1ef9dbcc63b13a6494acd785836c22&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
cache-control
no-cache
x-server
10.45.1.21
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-ul53ELFE2orvH.TafnYScOx.jRyprbgI5w--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-ul53ELFE2orvH.TafnYScOx.jRyprbgI5w--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94c7cc95c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 12 Nov 2021 03:37:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-ul53ELFE2orvH.TafnYScOx.jRyprbgI5w--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=Fie5FP7nbpvjSRlws2MxHFyCtAKRMIm3%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=Fie5FP7nbpvjSRlws2MxHFyCtAKRMIm3%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb948affc5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=Fie5FP7nbpvjSRlws2MxHFyCtAKRMIm3%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 659F 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 659F 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.73.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-73-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1636688267
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 659F 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YY3hiwAAAbzr6wBG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YY3hiwAAAbzr6wBG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94999225c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636688268.558284,VS0,VE89
x-served-by
cache-fra19156-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YY3hiwAAAbzr6wBG&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-22...
  • https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.69ffbecc-47a9-47b3-a781-36976525f45f&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.69ffbecc-47a9-47b3-a781-36976525f45f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94c7cc65c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=395&ws_uid=ck.69ffbecc-47a9-47b3-a781-36976525f45f&zdid=1361
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
must-revalidate, no-store, no-cache
server
nginx/1.20.1
content-length
0
expires
-1
usermatch.gif
beacon.krxd.net/ Frame 659F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f5...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.251.73.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-73-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1636688268
x-served-by
beacon-n017-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
date
Fri, 12 Nov 2021 03:37:48 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a004-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 659F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KV79MXAAC9NYZ2M1Y71R
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
17NWC6TRFQ47ATWD4FWM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=74fce569-a1fb-458a-4d4b-310e90dafe31&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=74fce569-a1fb-458a-4d4b-310e90dafe31&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94d1d8a5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Fri, 12 Nov 2021 03:37:48 GMT
Connection
keep-alive
Content-Length
0
BK-Server
491f
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 659F
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94d5dcf5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
date
Fri, 12 Nov 2021 03:37:48 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cors
data.ad-score.com/data/ Frame FBAC 		1 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=WtWkRBGawuvUoCKATHoeLBQpGKgyQFjo-FE7fPshldVrkKDQb03rJEkLJ-E0zCOstiaVbkPg==&pm_ct=08b7edc9f5b6a57154868ea7&pm_pl=1636688265850&pm_td=1185&pid=1000152&en=1.1&callback=__pm_glbl_mT6xxTkZjiY8zJ5wiiHRGts6._gc6&v=bf28c17
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000152
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 12 Nov 2021 03:37:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
user
ads3.admatic.com.tr/ Frame A5F9 		75 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
82cf013cb80335ea02233a8e96ca1b56f5fe18e0e9cdcc375249f775f103097e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
79
usermatch
ssum.casalemedia.com/ Frame A930 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a79955973f6f386e4e317ec831b9580352ba8ca9a29303f1d6b6a50cd98d0740

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
3|65|64|81|191|196|88|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1600
Expires
Fri, 12 Nov 2021 03:37:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
usermatch
ssum.casalemedia.com/ Frame E452 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae733b9a5011dd7716f6275ac04b36ad3914ab17ce7db3d478b7a3086aa70114

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
90|41|176|47|65|57|73|13
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1600
Expires
Fri, 12 Nov 2021 03:37:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame 649D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12168
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
match
c1.adform.net/serving/cookie/ Frame E240 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 5D01
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4178678748820002827
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4178678748820002827
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug020:0:451
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4178678748820002827
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 91BC 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 12 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
652304
Pug
simage2.pubmatic.com/AdServer/ Frame 30EC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029522580518533270
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029522580518533270
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug014:0:316
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 12 Nov 2021 03:37:47 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7029522580518533270
Pug
simage2.pubmatic.com/AdServer/ Frame F9D0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY3hiwAAAbzr6wBG&gdpr=0&gdpr_consent=
1 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY3hiwAAAbzr6wBG&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug001:0:452
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YY3hiwAAAbzr6wBG&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
x-served-by
cache-fra19156-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1636688268.664159,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame BF5E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFUckRrN0RHOE1BQUQwRWZ5dW1Mdw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.206.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-206-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 12 Nov 2021 03:37:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 12 Nov 2021 03:37:47 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame 6E5C
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug016:2:223
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 12 Nov 2021 03:37:47 GMT
server
_
dpe
ad4m.at/ad/ Frame 68DA 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c057 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb9493b8f6916-FRA
bridge
cm.adgrx.com/ Frame 49AF 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 12E1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1508%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=3166776546
  • https://sync.1rx.io/usersync3/appnexus/1508/7051991869510472897?zcc=0&sspret=1&rndcb=3166776546
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug003:0:434
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
etag
RXd09719eb9e0b4fa7b0cfb78a75f3cf54003
Pug
image2.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5EUJvoksFrJIRubrTtzNXzX5
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5EUJvoksFrJIRubrTtzNXzX5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug012:0:470
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 12 Nov 2021 03:37:47 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5EUJvoksFrJIRubrTtzNXzX5
strict-transport-security
max-age=0; includeSubDomains;
Pug
simage2.pubmatic.com/AdServer/ Frame 894F
Redirect Chain
  • https://core.iprom.net/cookiesync
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=188361944838372
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=188361944838372
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug019:0:407
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Vary
Accept-Encoding
X-adserver-worker
avatar-3f8808c0af71@version_1.344
Connection
close
X-server-arch
v2
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=188361944838372
Content-Type
text/html; charset=utf-8
Content-Length
279
X-core-time
1ms
Date
Fri, 12 Nov 2021 03:37:47 GMT
i.match
s.tribalfusion.com/z/ Frame 6339
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb94a5db668ef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
390
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb9494c9568ef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 88B5 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 12 Nov 2021 03:37:48 GMT
server
c
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 5119
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636688268.727705,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 varnish
x-served-by
cache-fra19166-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1636688268.682274,VS0,VE9
x-vcl-time-ms
9
content-length
0
um
u-ams02.e-planning.net/ Frame C387 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=679a98072152b165&uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 669E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=93WOWKb-TuWj5IqaeAszbQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=68223
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Fri, 12 Nov 2021 22:34:50 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e626618d-e18b-4900-b346-8a6c848cdf60
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e626618d-e18b-4900-b346-8a6c848cdf60
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e626618d-e18b-4900-b346-8a6c848cdf60
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:46 GMT
/
spl.zeotap.com/ Frame 669E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
  • https://spl.zeotap.com/?zdid=1332&zcluid=791808e36d706488
95 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=791808e36d706488
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6accb94aaa505c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=791808e36d706488
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGlm5kMxiRmVI3zl98Nic6c&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGlm5kMxiRmVI3zl98Nic6c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:445
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGlm5kMxiRmVI3zl98Nic6c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 669E 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 11 Nov 2021 03:37:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:414
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1034124019680978443
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1034124019680978443
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:431
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1034124019680978443
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6f7b90a-8be6-489e-aed8-3443d34fbebe
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6f7b90a-8be6-489e-aed8-3443d34fbebe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:386
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6f7b90a-8be6-489e-aed8-3443d34fbebe
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7051991869510472897&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7051991869510472897&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug021:0:444
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4d7d694d-8e14-4013-a44e-6a98d0816c54
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7051991869510472897&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame 669E 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Iwmnct5E2uUnxSno.1ZVd.orTrKhw7Q-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Iwmnct5E2uUnxSno.1ZVd.orTrKhw7Q-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Iwmnct5E2uUnxSno.1ZVd.orTrKhw7Q-~A&gdpr=0&gdpr_consent=
date
Fri, 12 Nov 2021 03:37:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 669E 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F7758E58-A6FE-4EE5-A3E4-8A9A780B336D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=&gdpr_pd=
1 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:470
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 12 Nov 2021 03:37:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 669E 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2365734668697577057&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2365734668697577057&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:387
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2365734668697577057&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:531
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4be53025-df31-49af-be1a-b56284350068&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4be53025-df31-49af-be1a-b56284350068&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4be53025-df31-49af-be1a-b56284350068&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 669E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7051991869510472897
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7051991869510472897
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:227
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c5ee8e86-b3ff-4c46-9ddc-37812bbd1219
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 669E 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
bundle.js
cdn.admatic.com.tr/user/ Frame 2262 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
37b3bb740836a5ccdfdd5e1e499fd349
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
um
sync.e-planning.net/ Frame 7585
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2095%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=7237156327
  • https://sync.1rx.io/usersync3/appnexus/2095/7051991869510472897?zcc=0&sspret=1&rndcb=7237156327
  • https://sync.targeting.unrulymedia.com/csync/RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003&dc=1079cc634ca638f8&iss=1
date
Fri, 12 Nov 2021 03:37:48 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd09719eb9e0b4fa7b0cfb78a75f3cf54003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 7585 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 7585 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
ptag
a.audrte.com/ Frame 7585 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7a349630f46773b993f243b2ef0f26a88304fde74466717161d74b09c6a9fd2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 7585 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:47 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 7585 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D13da9cbf695e00d3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7585
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D13da9cbf695e00d3
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 12 Nov 2021 03:37:47 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
us
sync.go.sonobi.com/ Frame 7585 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D13da9cbf695e00d3%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 7585
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
u-ams02.e-planning.net/ Frame 7585
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D13da9cbf695e00d3%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=13da9cbf695e00d3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Date
Fri, 12 Nov 2021 03:37:47 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
/
onetag-sys.com/usync/ Frame 6515 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 702E 		322 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5666efd9a26f31d299ff0215a2cda39e0130ef2b365b5a18661cbe7ec69bd82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb94958c95c68-FRA
content-encoding
br
cc.js
tags.crwdcntrl.net/c/15238/ Frame FF0A 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:20:14 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
40654
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xQUutXMHkr0KgQk3WuDOUNJkvisngK3MRdQierxxMAg5bWbYy8gudQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame D457 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Nov 2026 03:37:47 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame 3BA6 		3 KB
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
635a679e77bd1aff2de028aeacf8fee3186d3a8fb5cadca8f47323280eb28958

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb94969024de8-FRA
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 357D 		0
0
usync.js
eus.rubiconproject.com/ Frame DAF8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12168
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
usync.js
eus.rubiconproject.com/ Frame AA6F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12168
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
GS.d
js.cookieless-data.com/ Frame CEED 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1636688267360
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 9345 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 8786 		322 B
669 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7409f3121e09f9154aea54dcb9f50fce06993c9af4f8fc13bc314cca4a6b7a8e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb949a9345c68-FRA
content-encoding
br
cc.js
tags.crwdcntrl.net/c/15238/ Frame 34E1 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:20:14 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
40654
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
4klfnZJZyvCUOLRveS9_TrlhzOwFOuwSE4EHBLw3TdnEd-YKBfFpAg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 9812 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Nov 2026 03:37:47 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame AB43 		3 KB
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ffd50cc01f20a5a0968fc9f6e8d12e41e19579de86b0f5efd5e12d72b37a94e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb949b94c4de8-FRA
content-encoding
gzip
csync
sync.adtelligent.com/ Frame 9946 		0
0
1.gif
id5-sync.com/c/495/0/0/ Frame 457A
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:36:40 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Fri, 12 Nov 2021 03:36:40 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 457A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94aea3e4de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
55dd63dd-e68e-4aa2-ab5f-8084fb96cba3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 457A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94ccbf74de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
25667739-660c-4479-821f-8b9c17cfc2a3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 457A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94ccbf44de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame 457A 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 457A
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94cfc244de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
date
Fri, 12 Nov 2021 03:37:48 GMT
content-length
0
um
sync.e-planning.net/ Frame 457A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=f5da6221-280f-4c52-ae01-77e4f57e7ed5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:47 GMT
server
openresty
content-type
image/gif
userconnect.js
js.adscale.de/ Frame 534D 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
e4aoS_wI4Xx4CR.MbR6sut3AyCIgCWfz
content-encoding
br
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
server
AmazonS3
age
3156
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 12 Nov 2021 02:45:11 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
JuVfSYOxMK2ECnG-S9isw_ZSP4tGAzhAUoCyH9OO6O8H9gWqxT0XcQ==
csync
sync.console.adtarget.com.tr/ Frame 534D 		0
0
csync
sync.console.adtarget.com.tr/ Frame BC22 		0
0
userconnect.js
js.adscale.de/ Frame BC22 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
e4aoS_wI4Xx4CR.MbR6sut3AyCIgCWfz
content-encoding
br
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
server
AmazonS3
age
3156
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 12 Nov 2021 02:45:11 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
sbV_ALCRF47XPVJpKiUwImjrYVf4dIyzQ8TFX9OKryKLrxx3VTuskA==
usync.html
eus.rubiconproject.com/ Frame B93D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 07B4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D13da9cbf695e00d3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68223
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:47 GMT
vary
Accept-Encoding
new
ads3.admatic.com.tr/user/ Frame A5F9 		169 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
d032d6b09e7fa595cb942c8ef3f80cea401618adb42195e60e5726dd31ba2c2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:47 GMT
content-encoding
br
etag
sdbf5SiIfs3k4y8W3nq7cH4OFwFtp3GQFjDcjQdV7vM1j-1B3-eM9h7js_Va8adOYIu08EP3I5M-_JC05n3HKQ
last-modified
Fri, 12 Nov 2021 04:37:47 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
173
pbsync
usermatch.targeting.unrulymedia.com/ Frame 75A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Fri, 12 Nov 2021 03:37:47 GMT
uc.html
sync.go.sonobi.com/ Frame 8D10 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 5650 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86753168014c73316c076268cd4f9859f3240a193ab2334b2839f1f741a7245e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
105|188|31|10|65|218|8|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1377
Expires
Fri, 12 Nov 2021 03:37:47 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:47 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 8B1F 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
crum
dsum-sec.casalemedia.com/ Frame A930
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Date
Fri, 12 Nov 2021 03:37:47 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:46 GMT
rum
dsum.casalemedia.com/ Frame A930
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame A930
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639280268
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639280268
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639280268
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame A930 		0
0
index
dmp.brand-display.com/cm/api/ Frame A930 		43 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:49 GMT
via
1.1 google
last-modified
Fri, 12 Nov 2021 03:37:49 GMT
server
nginx/1.21.4
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 12 Nov 2021 03:37:50 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame A930 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.160.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3198892.ip-135-125-160.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame A930 		85 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636688268.278563,VS0,VE90
x-served-by
cache-fra19156-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
cookiesync
bttrack.com/pixel/ Frame A930 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:44 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
um
u-ams02.e-planning.net/ Frame A930 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=679a98072152b165&uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif
usermatch
ssum.casalemedia.com/ Frame 4226 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d78d4b74032cd48fef0edeb4703055cb67870a4288f2df561cbc049bab44901f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
5|152|195|238|130|88|90|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1611
Expires
Fri, 12 Nov 2021 03:37:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame 440D 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3153&pub_id=1798592&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3153&pub_id=1798592
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
eda92f33-1e0b-4088-9c59-ef18b8528067
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame E452
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Nov 2021 03:37:48 GMT
bridge
cm.adgrx.com/ Frame E452 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
113
match.deepintent.com/usersync/ Frame E452 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-length
0
server
c
crum
dsum-sec.casalemedia.com/ Frame E452
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LlpRG4f11MLnnS5&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LlpRG4f11MLnnS5&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LlpRG4f11MLnnS5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame E452
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame E452
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E452 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame E452
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 12 Nov 2021 03:37:48 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
Keep-Alive
timeout=5
um
u-ams02.e-planning.net/ Frame E452 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=13da9cbf695e00d3&uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif
user
ads3.admatic.com.tr/ Frame 2262 		75 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
82cf013cb80335ea02233a8e96ca1b56f5fe18e0e9cdcc375249f775f103097e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:48 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
79
csync
sync.console.adtarget.com.tr/ Frame A5F9 		0
0
/
onetag-sys.com/usync/ Frame 7188 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame EC66 		322 B
942 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
323b6662d9788c619fc12a07918d99a2f0c43fe9913394b0f131bb42c6eef7b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb94cfd665c68-FRA
content-encoding
br
cc.js
tags.crwdcntrl.net/c/15238/ Frame 7585 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:20:14 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
40655
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
3Cabu8pDBLUrHk4wZLjvxKvGUzx7TVBWijy-_MY5Q5c7T9hqR3jEDQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame B2DF 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:48 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Nov 2026 03:37:48 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame CE49 		2 KB
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e252cab3c54193e9c6488bc6422c6c50ad10432db7029c171cf6257e1788c5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb94d3c4f4de8-FRA
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 68F3 		0
0
mw
mwzeom.zeotap.com/ Frame 702E
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f5d307ae-8714-473a-7892-d16ea52d38bb&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f5d307ae-8714-473a-7892-d16ea52d38bb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94dee4f5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f5d307ae-8714-473a-7892-d16ea52d38bb&zdid=1361
date
Fri, 12 Nov 2021 03:37:48 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 8786
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=0682e9bb-0774-4bde-7509-63829b47b26d&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=0682e9bb-0774-4bde-7509-63829b47b26d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94dee505c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=0682e9bb-0774-4bde-7509-63829b47b26d&zdid=1361
date
Fri, 12 Nov 2021 03:37:48 GMT
cross-origin-resource-policy
cross-origin
content-length
0
userconnect
ih.adscale.de/ Frame 534D 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1636688267982&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-length
149
content-type
application/javascript
userconnect
ih.adscale.de/ Frame BC22 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1636688267985&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-length
149
content-type
application/javascript
new
ads3.admatic.com.tr/user/ Frame 2262 		169 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
ee973cd8f7747455ef48e93aee97bd3cd8175ebb8b67594f7edd2018809ad120

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:48 GMT
content-encoding
br
etag
Wcn49K6rXx5FFBJoMt3ALirryGp4Spkl9lDYGEVtnB20g_Ls31CwpQNe5wibsYKfYEYo6v7lov1c4_1Q5zf-vg
last-modified
Fri, 12 Nov 2021 04:37:48 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
173
usync.js
eus.rubiconproject.com/ Frame B93D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12167
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
setuid
sync.quantumdex.io/ Frame 3BA6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e1d334de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cdd1cec5-54dc-4e74-95e4-3e7131bd2d9e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 3BA6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e1d354de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
96fdbd1c-ffda-4e8f-878d-73d7dcc3545b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 3BA6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e4d4d4de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame 3BA6 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 3BA6
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e4d4b4de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
date
Fri, 12 Nov 2021 03:37:48 GMT
content-length
0
0.gif
id5-sync.com/i/495/ Frame 3BA6 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:36:41 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
um
sync.e-planning.net/ Frame 3BA6 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=f5da6221-280f-4c52-ae01-77e4f57e7ed5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame E491 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
84f6f125-7df6-41ce-8667-2c2f9df5abdf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AB43
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e2d374de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7c4a9d45-0681-4427-9e12-713148e1d2ad
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AB43
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e2d394de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
606cd3aa-32d4-4424-a255-a84c243ff768
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame AB43
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e5d5b4de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
date
Fri, 12 Nov 2021 03:37:48 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame AB43 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame AB43
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e5d544de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=5ee363ec-65cc-449b-b60a-7f7f20c864da
date
Fri, 12 Nov 2021 03:37:48 GMT
content-length
0
0.gif
id5-sync.com/i/495/ Frame AB43 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:36:41 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
um
sync.e-planning.net/ Frame AB43 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=f5da6221-280f-4c52-ae01-77e4f57e7ed5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif
GS.d
js.cookieless-data.com/ Frame D457 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1636688268038
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5650
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 12 Nov 2021 03:37:48 GMT
server
nginx/1.20.0
content-length
76
CookieIndex
rtb.adentifi.com/ Frame 5650 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.236.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-236-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
noop
px.owneriq.net/ Frame 5650
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6899746681820172104&uid=Q6899746681820172104&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 5650
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=621636589522
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=621636589522
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=621636589522
rum
dsum.casalemedia.com/ Frame 5650
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774668&gdpr=1
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
ibs:dpid=23728&dpuuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
dpm.demdex.net/ Frame 5650 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 5650
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=485a810d-9b8f-4f0e-b9d0-5b5a9c7c902a&expiration=1668224268
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=485a810d-9b8f-4f0e-b9d0-5b5a9c7c902a&expiration=1668224268
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=485a810d-9b8f-4f0e-b9d0-5b5a9c7c902a&expiration=1668224268
date
Fri, 12 Nov 2021 03:37:48 GMT
server
Kestrel
content-length
0
index
dmp.brand-display.com/cm/api/ Frame 5650 		43 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:53 GMT
via
1.1 google
last-modified
Fri, 12 Nov 2021 03:37:51 GMT
server
nginx/1.21.4
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 12 Nov 2021 03:37:52 GMT
setuid
sync.quantumdex.io/ Frame 5650 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94e2d364de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
GS.d
js.cookieless-data.com/ Frame 9812 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1636688268051
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
pbsync
usermatch.targeting.unrulymedia.com/ Frame AADD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Fri, 12 Nov 2021 03:37:48 GMT
uc.html
sync.go.sonobi.com/ Frame EDBA 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 12 Nov 2021 03:37:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 612C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0c27484f38fc3167519675628eb57247accdae03d07acae005b8988d0e916fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
109|190|221|13|206|81|90|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1658
Expires
Fri, 12 Nov 2021 03:37:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame D14A 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
ix
ad4m.at/ad/sim/ Frame 4226 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c057 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 4226
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=fb11b811-7f6b-44fa-b783-950c97ba75f9
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=fb11b811-7f6b-44fa-b783-950c97ba75f9
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=fb11b811-7f6b-44fa-b783-950c97ba75f9
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4226
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-100b4fc9-99f8-4b85-97b9-d02dd4a6b1c1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-100b4fc9-99f8-4b85-97b9-d02dd4a6b1c1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-100b4fc9-99f8-4b85-97b9-d02dd4a6b1c1
date
Fri, 12 Nov 2021 03:37:48 GMT
server
Apache-Coyote/1.1
content-length
0
461886.gif
idsync.rlcdn.com/ Frame 4226 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130&&gdpr_consent=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame 4226 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.206.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-206-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 4226 		85 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636688269.524162,VS0,VE90
x-served-by
cache-fra19156-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
no_match_opted_out
um.simpli.fi/ Frame 4226
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Nov 2021 03:37:48 GMT
getuid
secure.adnxs.com/ Frame 4226 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
um
u-ams02.e-planning.net/ Frame 4226 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=13da9cbf695e00d3&uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D13da9cbf695e00d3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif
pbsync
usermatch.targeting.unrulymedia.com/ Frame B59A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Fri, 12 Nov 2021 03:37:48 GMT
uc.html
sync.go.sonobi.com/ Frame F0C2 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 12 Nov 2021 03:37:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 3922 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c0cdf727021e74378a034573724ec61f489e640d24073bbe3b69ee23081842d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
190|239|221|111|57|90|105|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1495
Expires
Fri, 12 Nov 2021 03:37:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame DCAD 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
mw
mwzeom.zeotap.com/ Frame EC66
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f77a3882-07f9-4bd2-5051-3f418d40b33f&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f77a3882-07f9-4bd2-5051-3f418d40b33f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb94ecf315c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=f77a3882-07f9-4bd2-5051-3f418d40b33f&zdid=1361
date
Fri, 12 Nov 2021 03:37:48 GMT
cross-origin-resource-policy
cross-origin
content-length
0
map
ih.adscale.de/ Frame CA46 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b9a441f9dabed6feda1876c11a790ca636201a388128b3b987693568e87e3588

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2442
map
ih.adscale.de/ Frame E7A5 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c98f8e5ce9cd7e49eb8eeb510a7bac80e404a64f75d2897b76e34d5a24e43a25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2442
GS.d
js.cookieless-data.com/ Frame B2DF 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1636688268195
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
us
sync.go.sonobi.com/ Frame CE49 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame CE49 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:36:41 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
um
sync.e-planning.net/ Frame CE49 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=f5da6221-280f-4c52-ae01-77e4f57e7ed5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
openresty
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 612C
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85f7bf4f457c40a9be37d17b39dda0d9&expiration=1639280268
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85f7bf4f457c40a9be37d17b39dda0d9&expiration=1639280268
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:47 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85f7bf4f457c40a9be37d17b39dda0d9&expiration=1639280268
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 612C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
tpid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 612C 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YY3hh-hBgT.uGKmO4CBSjQAA%261130?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.232
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame 612C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 12 Nov 2021 03:37:48 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
Keep-Alive
timeout=5
sync
ups.analytics.yahoo.com/ups/55940/ Frame 612C 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 612C 		0
0
no_match_opted_out
um.simpli.fi/ Frame 612C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Nov 2021 03:37:48 GMT
index
dmp.brand-display.com/cm/api/ Frame 612C 		43 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:53 GMT
via
1.1 google
last-modified
Fri, 12 Nov 2021 03:37:53 GMT
server
nginx/1.21.4
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 12 Nov 2021 03:37:54 GMT
setuid
sync.quantumdex.io/ Frame 612C 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94f1dea4de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
getuid
ib.adnxs.com/ Frame 3922 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
user-registering
ads.stickyadstv.com/ Frame 3922 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YY3hh-hBgT.uGKmO4CBSjQAA%261130&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1636688267982087-345
Expires
Fri, 12 Nov 2021 03:37:48 GMT
tpid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 3922 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YY3hh-hBgT.uGKmO4CBSjQAA%261130?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.8
content-type
image/gif
content-length
49
expires
0
match
c1.adform.net/serving/cookie/ Frame 3922 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 3922
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1991787311400296336
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
no_match_opted_out
um.simpli.fi/ Frame 3922
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 12 Nov 2021 03:37:48 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Nov 2021 03:37:48 GMT
crum
dsum-sec.casalemedia.com/ Frame 3922
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 12 Nov 2021 03:37:48 GMT
server
nginx/1.20.0
content-length
76
index
dmp.brand-display.com/cm/api/ Frame 3922 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:53 GMT
via
1.1 google
last-modified
Fri, 12 Nov 2021 03:37:51 GMT
server
nginx/1.21.4
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 12 Nov 2021 03:37:52 GMT
setuid
sync.quantumdex.io/ Frame 3922 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94f2df64de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
pbsync
usermatch.targeting.unrulymedia.com/ Frame 3B33 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=&consent=&us_privacy=&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

server
Tengine
date
Fri, 12 Nov 2021 03:37:48 GMT
uc.html
sync.go.sonobi.com/ Frame D531 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 12 Nov 2021 03:37:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 6F75 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9a9221ee8b4730f3592ab36f32fc1a10d849ba192e39e3dca5489c6c60a75b09

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
13|238|191|196|190|81|46|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1662
Expires
Fri, 12 Nov 2021 03:37:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame EBA7 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
match.js
js.adscale.de/ Frame CA46 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
mwPXuZ0W9XDnivenXkp2GOvo7EpISEuC
content-encoding
br
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
server
AmazonS3
age
3157
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 12 Nov 2021 02:45:12 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
0nkfcpMNHbuXZd2i_grMuosp-H4ePuCpBMrmPsD2QRiQvr8zAn09tg==
match.js
js.adscale.de/ Frame E7A5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
mwPXuZ0W9XDnivenXkp2GOvo7EpISEuC
content-encoding
br
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
server
AmazonS3
age
3157
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 12 Nov 2021 02:45:12 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
9LuTkPTLxgZ4YwVFtAootqpjSARtduurNzdEhNtqOh_uyyL0pVIaJw==
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame CA46
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=8390b67cef88dc4e4a7a570...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
49 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:47 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E7A5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=8390b67cef88dc4e4a7a570...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
49 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x16 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:47 GMT
crum
dsum-sec.casalemedia.com/ Frame 6F75
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 12 Nov 2021 03:37:48 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
Keep-Alive
timeout=5
461886.gif
idsync.rlcdn.com/ Frame 6F75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130&&gdpr_consent=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
index
dmp.brand-display.com/cm/api/ Frame 6F75 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
via
1.1 google
last-modified
Fri, 12 Nov 2021 03:37:48 GMT
server
nginx/1.21.4
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 12 Nov 2021 03:37:49 GMT
us.php
gu.dyntrk.com/adx/ie/ Frame 6F75 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.160.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3198892.ip-135-125-160.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
getuid
ib.adnxs.com/ Frame 6F75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 6F75 		0
0
getuid
secure.adnxs.com/ Frame 6F75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 6F75 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 6F75 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6accb94f8e394de8-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
img
ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/ Frame E7A5
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a690545701a%2F1636688268543%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
49 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 882.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e6277bb4-b78b-49bf-8415-303f8b6a07ec
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/ Frame CA46
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47b5fac0cc5e%2F1636688268533%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
49 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 882.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c390fe8a-9be2-48db-b3b5-d05991346adb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=75&tpuid=7051991869510472897&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame CA46
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=5cd3337f0618da2ddc6d13956...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
49 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Fri, 12 Nov 2021 03:37:48 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E7A5
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=5cd3337f0618da2ddc6d13956...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
49 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:48 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Fri, 12 Nov 2021 03:37:48 GMT
img
ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/ Frame CA46
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c009877ffd9dfdb2e79ad3036efb547fa7b5aae5d92eb2ebe65939fa2cc659ef&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd4387b40e47...
  • https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
49 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
server
nginx
location
https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/ Frame E7A5
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=c009877ffd9dfdb2e79ad3036efb547fa7b5aae5d92eb2ebe65939fa2cc659ef&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694af18f8d3a...
  • https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
49 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
server
nginx
location
https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/img?tpid=42&gdpr=0&tpuid=1034124019680978443
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
user
ads3.admatic.com.tr/ Frame A5F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=250d99ff-4f19-41bf-9933-7171b6bc8197&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:49 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame CA46
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=31d44fb5-0c7c-4188-943c-82c74cd5d61c&gdpr=0
49 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=31d44fb5-0c7c-4188-943c-82c74cd5d61c&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=31d44fb5-0c7c-4188-943c-82c74cd5d61c&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1882072
content-length
0
expires
Fri, 12 Nov 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E7A5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=59a0fd47-78f2-4211-9c1f-b57eb8662cd2&gdpr=0
49 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=59a0fd47-78f2-4211-9c1f-b57eb8662cd2&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:48 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=59a0fd47-78f2-4211-9c1f-b57eb8662cd2&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1392378
content-length
0
expires
Fri, 12 Nov 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame CA46
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2c486f051a2318194d9ff357...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
49 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 12 Nov 2021 03:37:49 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:48 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E7A5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=2c486f051a2318194d9ff357...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
49 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 12 Nov 2021 03:37:49 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e626618d-e18b-4900-b346-8a6c848cdf60&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:48 GMT
js
ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/ Frame E7A5
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694a...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa1dd7e88ad694a...
  • https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/js?tpid=48&tpuid=04c4e7fa811ab4a9976792abbb0dc1e6
44 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/js?tpid=48&tpuid=04c4e7fa811ab4a9976792abbb0dc1e6
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8976261e1c09e6901543f013c604e2e327d4ca2ff3fa2c91b47de824b50233da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Fri, 12 Nov 2021 03:37:49 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/a1dd7e88ad694af18f8d3a690545701a/1636688268543/0/js?tpid=48&tpuid=04c4e7fa811ab4a9976792abbb0dc1e6
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
js
ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/ Frame CA46
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd43...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=46bb711739252dc3baf9960db855293727d4a028fba723ec09a7b6f3c0c02df3&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fa758d1bfa8fd43...
  • https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/js?tpid=48&tpuid=899f3c3b84c10e6d41f9e31b5561f7fd
44 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/js?tpid=48&tpuid=899f3c3b84c10e6d41f9e31b5561f7fd
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e64e67c256798fb5beb64f3e6a7237f9bfa4033995d2094bec58a3887c97086d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Fri, 12 Nov 2021 03:37:49 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/a758d1bfa8fd4387b40e47b5fac0cc5e/1636688268533/0/js?tpid=48&tpuid=899f3c3b84c10e6d41f9e31b5561f7fd
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
sium
ih.adscale.de/ Frame CA46 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Fri, 12 Nov 2021 03:37:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
sium
ih.adscale.de/ Frame E7A5 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Fri, 12 Nov 2021 03:37:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
user
ads3.admatic.com.tr/ Frame A5F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=c6f7b90a-8be6-489e-aed8-3443d34fbebe&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:49 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame 2262
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=ca55ffaf-b038-4845-a074-417fa5b634be
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=ca55ffaf-b038-4845-a074-417fa5b634be
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ea42f397-30e5-42ff-b633-a265db3204f7&ssp=admatic&expires=30&user_group=5&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:49 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
cw_ad.js
cdn.pixfuture.com/cw/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cw/cw_ad.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/load-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabf86a102a56ab21cb1993bb7af697f8a53e0f462032c970b01603b9d206ee6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Nov 2021 20:42:05 GMT
server
cloudflare
age
111222
etag
W/"61898b9d-a2c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXx8bEY2FNdBpX3xQ%2FQHzkATt%2FrSf%2F4298EIek6bO2BqespbZD4svnY4Fwo2aQLyLlzK7j5pZ0tCUZFM%2BKPDbcX16H0ocX2ig7PzPHbQnNtpRyp4L%2BkuKFqyMXcvBNtkJShJ4AjMpWRAKMSUJX2K"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Fri, 12 Nov 2021 20:43:19 GMT
cache-control
public, max-age=2678400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6accb9541b490609-FRA
cf-bgj
minify
jquery.min.js
cdn.pixfuture.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/jquery.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Aug 2020 19:49:59 GMT
server
cloudflare
age
39983
etag
W/"5f3447e7-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wjzAhn9SeIUP4kuY9dFgR0zfQgTS4iQfsPVrAM8xyUpV9OE%2FXY4VVYL3bxeB%2Bh4pA2d0SBh7sty1Ve7Wlm405gkGpS29bQg1le%2BFq24ccMmbQ4erPQH5OXRXMO6dj584fWd83jUhUhNZcqIb7sL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2678400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6accb9546b7e0609-FRA
expires
Sat, 13 Nov 2021 16:31:07 GMT
r.js
aa.agkn.com/adscores/ 		0
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.154.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-154-132.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:49 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript
content-length
0
expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		368 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Fri, 12 Nov 2021 03:37:49 GMT
pbixcw.js
cdn.pixfuture.com/ 		444 KB
445 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbixcw.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5f344eb440a1e901820708b5cae5266fa6733f9b94b61f2b42fb680866553e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43241
cf-polished
origSize=454973
cf-bgj
minify
last-modified
Fri, 24 Sep 2021 13:21:30 GMT
server
cloudflare
etag
W/"614dd0da-6f13d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGH0wRrpt07u7%2Bgz2lhoPkP4vYIcgxvPhYpfUdQj8br1t4forhRlhi1rtRLswFNONWPOIi94jg85PNrGeFOQTLGqZ6pN4XLfxoDy4OyAsDZIwBeNGY%2FkNTonNa83iZFzYwi35kM0xNfOmQGmbdU3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2678400, no-transform
cf-ray
6accb9553c5b0609-FRA
expires
Sat, 13 Nov 2021 15:35:59 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 669E 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D679a98072152b165%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cwc.php
served-by.pixfuture.com/www/delivery/ 		16 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/cwc.php?d=4195x73&keywords=federal,court,orders,bidens,doj,stop,extracting,data,phones,project,veritas,founder,james,okeefe,one,america,news,network&refUrl=&refresh=false&innerWidth=1600&w=374&h=278
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
017c24c0a041dd849371f5f5729cd2f4d0924367580ae9ecdb55df31a37c91cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:49 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 14 Nov 2021 03:37:49 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&bundle=Zi2TqV9CSFg1Znp5WnBYVGd3NkFRNlkxZmJBeU9kQnNhSmNLTXU5WEQyN3lZJTJCVEEyWW5yVnJtT1BmdEFadk1rWDFxMUMlMkJuRGFaNFFlZ21MaGRRRmRMWno3MklOeDF1TnEyVGdKeFJQbHZXSEJ3ZGclMkZVJTJGaUN1RXM1UXZHdmRpZjFRcWp2&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.oann.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1697
date
Fri, 12 Nov 2021 03:37:49 GMT
content-encoding
gzip
vary
Accept-Encoding
cw_pr_req.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_pr_req.php?
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:49 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 14 Nov 2021 03:37:49 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&bundle=Zi2TqV9CSFg1Znp5WnBYVGd3NkFRNlkxZmJBeU9kQnNhSmNLTXU5WEQyN3lZJTJCVEEyWW5yVnJtT1BmdEFadk1...
  • https://mug.criteo.com/sid?cpp=42b2FXw0V2xDQ3hBODFLRm9uaWxRY1ovNUpuZHhtNjZadWdiOTBMRHRHMUVTOGdFem9NdXhDWFZKMlhwOFY0TldlUDdicC9oVnRmSDRCclk5MFNJM0Npcm1tc09UdnhLWHNBSjduRnRXaWJtYlhwa3JOOHdKZ3YrZmdSZm...
417 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=42b2FXw0V2xDQ3hBODFLRm9uaWxRY1ovNUpuZHhtNjZadWdiOTBMRHRHMUVTOGdFem9NdXhDWFZKMlhwOFY0TldlUDdicC9oVnRmSDRCclk5MFNJM0Npcm1tc09UdnhLWHNBSjduRnRXaWJtYlhwa3JOOHdKZ3YrZmdSZmo1dnREdXFFbVh5Zk5Hc3RXaVIrb1ViNlVQUjBZY2xOczlKVkVkNndocVQxeFlENWN6aU4yZFFoaWRISmhnNThJSExIRDFVKzhCclczNDIwZCtVTXhXSy82RnFGT051U1RDOFdrSjdNTVhBbkZhamp1bXpRaFBkVjhQTXB4ekpBRkRFbDFISFh5Ym1YcnptSVJybWVhL2pXRlp3MndZSjVQclVJM0FaU283c2djTG9DYkVFZz18&cppv=2
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b3f1f93859a2104ef47ed5748dd9ffb8ac68f057689bc07646cfeb9900b77620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 12 Nov 2021 03:37:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2180
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 12 Nov 2021 03:37:49 GMT
location
https://mug.criteo.com/sid?cpp=42b2FXw0V2xDQ3hBODFLRm9uaWxRY1ovNUpuZHhtNjZadWdiOTBMRHRHMUVTOGdFem9NdXhDWFZKMlhwOFY0TldlUDdicC9oVnRmSDRCclk5MFNJM0Npcm1tc09UdnhLWHNBSjduRnRXaWJtYlhwa3JOOHdKZ3YrZmdSZmo1dnREdXFFbVh5Zk5Hc3RXaVIrb1ViNlVQUjBZY2xOczlKVkVkNndocVQxeFlENWN6aU4yZFFoaWRISmhnNThJSExIRDFVKzhCclczNDIwZCtVTXhXSy82RnFGT051U1RDOFdrSjdNTVhBbkZhamp1bXpRaFBkVjhQTXB4ekpBRkRFbDFISFh5Ym1YcnptSVJybWVhL2pXRlp3MndZSjVQclVJM0FaU283c2djTG9DYkVFZz18&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2006
content-length
567
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=42b2FXw0V2xDQ3hBODFLRm9uaWxRY1ovNUpuZHhtNjZadWdiOTBMRHRHMUVTOGdFem9NdXhDWFZKMlhwOFY0TldlUDdicC9oVnRmSDRCclk5MFNJM0Npcm1tc09UdnhLWHNBSjduRnRXaWJtYlhwa3JOOHdKZ3YrZmdSZmo1dnREdXFFbVh5Zk5Hc3RXaVIrb1ViNlVQUjBZY2xOczlKVkVkNndocVQxeFlENWN6aU4yZFFoaWRISmhnNThJSExIRDFVKzhCclczNDIwZCtVTXhXSy82RnFGT051U1RDOFdrSjdNTVhBbkZhamp1bXpRaFBkVjhQTXB4ekpBRkRFbDFISFh5Ym1YcnptSVJybWVhL2pXRlp3MndZSjVQclVJM0FaU283c2djTG9DYkVFZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
2360
date
Fri, 12 Nov 2021 03:37:49 GMT
content-encoding
gzip
vary
Accept-Encoding
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_5.9.0-pre
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:50 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
113709976
age
0
via
1.1 varnish
pub5644548548544
s.adx.opera.com/ortb/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.adx.opera.com/ortb/v2/pub5644548548544?ep=ep5644764124224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 12 Nov 2021 03:37:50 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.oann.com
access-control-max-age
604800
content-encoding
gzip
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.177.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-177-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3728eb45dd0faa881ad853be38741e331181cf409e599c6879c847c55b71fb66

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:50 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=377488&zone_id=2082578&size_id=15&alt_size_ids=7%2C13%2C14%2C43%2C117&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4195,1,,,&eid_criteo.com=vqPIY19samNMNlplJTJGYTJKZUxUSWVxMnIlMkZZRTJoY0pkMVdqeTlGb1liVm5SNFJob0c1ZXVPSDBsSmNQdlglMkZaOHloTnZQRk1oaCUyQjZZRWJUQ1IwMGhsczhpUEV3JTNEJTNE%5E1&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=5ae18910-b3eb-416a-bfbf-9c59cd227aa4%5E1&tpid_tdid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&eid_adserver.org=c6f7b90a-8be6-489e-aed8-3443d34fbebe&rf=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&tk_flint=pbjs_lite_v5.9.0-pre&x_source.tid=a505fdda-f73c-47b6-afe2-b327df479444&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3913276672859356
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b140c537a223b755f3a45d701e25f2557d89dca616066708638c5400c0f3043f

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:50 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
7404
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
ghb.adtelligent.com/v2/auction/ 		2 KB
984 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e701021368721bd45df75ad78eda197dc778c25c50fbafec6e261e81d4114e0d

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 Nov 2021 03:37:49 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
697
t_pbjs_2.json
i.e-planning.net/layers/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/layers/t_pbjs_2.json?
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
0aac4439e169aeac5ee124b32c7911e6ddcc1f449f1feb5cce5a0c9b74ea5b27

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:50 GMT
x-cf3
H
cf4ttl
86400.000
x-cf1
29080:fB.fra2:co:1585621119:cacheN.fra2-01:M
content-length
1827
x-cf-tsc
1636663136
x-cf2
H
last-modified
Mon, 22 Jan 2018 13:28:47 GMT
server
CFS 0215
x-cff
B
etag
"5a65e70f-723"
content-type
application/json
access-control-allow-origin
https://www.oann.com
cache-control
max-age=86400
access-control-allow-credentials
true
cf4age
6071
accept-ranges
bytes
expires
Fri, 12 Nov 2021 18:57:44 GMT
mvo
tag.1rx.io/rmp/236373/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/236373/0/mvo?z=1r&hbv=5.9.0-pre,2.1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:50 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bid
ap.lijit.com/rtb/ 		93 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
924ac8f37c4dfc21e89fc7c2a3ce3c56a82366510c9f14edcef590b0ef05affb

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 12 Nov 2021 03:37:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
e9ee435bb558cce6a9456b7eab8a24c6606aea5453f092d2c82e67346d3f43eb

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:50 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:50 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b18%3b84
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:49 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b18%3b59
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:49 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b18%3b116
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:49 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b18%3b90
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8090af20104c50526a349e51793e49b7137541702b1a88e30a204d04e40b394b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:50 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ebe71789-4fd3-4a84-a02c-9bbcd6d420cb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Nov 2021 03:37:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
129830816
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_300x250&cmd=bid&eidcriteo.com=vqPIY19samNMNlplJTJGYTJKZUxUSWVxMnIlMkZZRTJoY0pkMVdqeTlGb1liVm5SNFJob0c1ZXVPSDBsSmNQdlglMkZaOHloTnZQRk1oaCUyQjZZRWJUQ1IwMGhsczhpUEV3JTNEJTNE&eidid5-sync.com=0&eidadserver.org=c6f7b90a-8be6-489e-aed8-3443d34fbebe&secure=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2677df61dcb4f4fe66f3ff2485e53c25c463545841c02470b418b84ac0f927d6

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:50 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
content-length
62
trinity.json
apex.go.sonobi.com/ 		116 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2226e0c9addb5420d%22%3A%2251e399ebad38231f3a23%7C%22%2C%2227a3dea99831ce3%22%3A%22833199e4bd4003904bc3%7C%22%7D&ref=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&s=bb76bb8c-f4e3-439e-abd0-6eb4e89dfbcb&pv=ece91135-626a-43fe-9778-7912dffb9afb&vp=desktop&lib_name=prebid&lib_v=5.9.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224195%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22criteoId%22%3A%22vqPIY19samNMNlplJTJGYTJKZUxUSWVxMnIlMkZZRTJoY0pkMVdqeTlGb1liVm5SNFJob0c1ZXVPSDBsSmNQdlglMkZaOHloTnZQRk1oaCUyQjZZRWJUQ1IwMGhsczhpUEV3JTNEJTNE%22%2C%22id5id%22%3A%220%22%2C%22pubcid%22%3A%225ae18910-b3eb-416a-bfbf-9c59cd227aa4%22%2C%22tdid%22%3A%22c6f7b90a-8be6-489e-aed8-3443d34fbebe%22%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22vqPIY19samNMNlplJTJGYTJKZUxUSWVxMnIlMkZZRTJoY0pkMVdqeTlGb1liVm5SNFJob0c1ZXVPSDBsSmNQdlglMkZaOHloTnZQRk1oaCUyQjZZRWJUQ1IwMGhsczhpUEV3JTNEJTNE%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%225ae18910-b3eb-416a-bfbf-9c59cd227aa4%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c6f7b90a-8be6-489e-aed8-3443d34fbebe%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&kw=federal%2Ccourt%2Corders%2Cbidens%2Cdoj%2Cstop%2Cextracting%2Cdata%2Cphones%2Cproject%2Cveritas%2Cfounder%2Cjames%2Cokeefe%2Cone%2Camerica%2Cnews%2Cnetwork&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
6c3ac5f04e3df9fde31ea8ee0b6f72ead168d628a18411272637ae86f127aade
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:50 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
pixfuture2-d.openx.net/w/1.0/ 		172 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a505fdda-f73c-47b6-afe2-b327df479444%2Ca505fdda-f73c-47b6-afe2-b327df479444&nocache=1636688269677&criteoid=vqPIY19samNMNlplJTJGYTJKZUxUSWVxMnIlMkZZRTJoY0pkMVdqeTlGb1liVm5SNFJob0c1ZXVPSDBsSmNQdlglMkZaOHloTnZQRk1oaCUyQjZZRWJUQ1IwMGhsczhpUEV3JTNEJTNE&id5id=0&pubcid=aad7b0e3-a10e-4df7-ad25-b4d27f46934b&ttduuid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&schain=1.0%2C1!pixfuture.com%2C4195%2C1%2C%2C%2C&aus=300x250%2C320x50%2C200x200%2C250x250%2C120x240%2C234x60%2C180x150%2C125x125%2C320x100%7C300x250%2C320x50%2C200x200%2C250x250%2C120x240%2C234x60%2C180x150%2C125x125%2C320x100&divids=4195x73%2C4195x73&aucs=%2C&auid=542528368%2C540580839&tps=bXlrZXl3b3JkPWZlZGVyYWwsY291cnQsb3JkZXJzLGJpZGVucyxkb2osc3RvcCxleHRyYWN0aW5nLGRhdGEscGhvbmVzLHByb2plY3QsdmVyaXRhcyxmb3VuZGVyLGphbWVzLG9rZWVmZSxvbmUsYW1lcmljYSxuZXdzLG5ldHdvcmsmbXlvdGhlcmtleXdvcmQ9ZmVkZXJhbCxjb3VydCxvcmRlcnMsYmlkZW5zLGRvaixzdG9wLGV4dHJhY3RpbmcsZGF0YSxwaG9uZXMscHJvamVjdCx2ZXJpdGFzLGZvdW5kZXIsamFtZXMsb2tlZWZlLG9uZSxhbWVyaWNhLG5ld3MsbmV0d29yaw%3D%3D%2CbXlrZXl3b3JkPWZlZGVyYWwsY291cnQsb3JkZXJzLGJpZGVucyxkb2osc3RvcCxleHRyYWN0aW5nLGRhdGEscGhvbmVzLHByb2plY3QsdmVyaXRhcyxmb3VuZGVyLGphbWVzLG9rZWVmZSxvbmUsYW1lcmljYSxuZXdzLG5ldHdvcmsmbXlvdGhlcmtleXdvcmQ9ZmVkZXJhbCxjb3VydCxvcmRlcnMsYmlkZW5zLGRvaixzdG9wLGV4dHJhY3RpbmcsZGF0YSxwaG9uZXMscHJvamVjdCx2ZXJpdGFzLGZvdW5kZXIsamFtZXMsb2tlZWZlLG9uZSxhbWVyaWNhLG5ld3MsbmV0d29yaw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4d99030f4ae0496cab5c7cdad10c76e87f764fab489fccf954d6c94ce8e68faf

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:50 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.oann.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 12 Nov 2021 03:37:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1636688269680&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 12 Nov 2021 03:37:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
pub5644548548544
s.adx.opera.com/ortb/v2/ 		0
0
imp
g2.gumgum.com/hbid/ 		450 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?criteoId=vqPIY19samNMNlplJTJGYTJKZUxUSWVxMnIlMkZZRTJoY0pkMVdqeTlGb1liVm5SNFJob0c1ZXVPSDBsSmNQdlglMkZaOHloTnZQRk1oaCUyQjZZRWJUQ1IwMGhsczhpUEV3JTNEJTNE&id5id=0&pubcid=5ae18910-b3eb-416a-bfbf-9c59cd227aa4&tdid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&t=ticcez29&pi=3&si=28489&bf=300x250%2C320x50%2C200x200%2C250x250%2C120x240%2C234x60%2C180x150%2C125x125%2C320x100&schain=1.0%2C1!pixfuture.com%2C4195%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.9.0-pre%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
661c7e52ab729827d1197b6dbcc2354e0502dbc43d707821d7bca06e55e3b611

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:50 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.oann.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PixFutureMediaExchange
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.156.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-156-223.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
prebid.media.net/rtb/ 		1 KB
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c005bebeb5195e82ff1b44a0fa077fa5caf64c65d6f3b273b44eef2ce156213c

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:50 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
VideoBidRequestHandlerServlet
wf.taboola.com/ Frame 132F 		1 KB
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=462&height=259&pubid=169497&tagid=953497&crid=4711345&noaop=3&sortOrderType=0&cb=1636688270245&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1295&pt=1358769458&tz=0&viewable=true&ddast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=3&sd=undefined&dtagid=1205345&dpubid=224845&abtst=adh5c-1_vA!adh5c_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.oann.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e4e3e8d170cfa0ec8b64e71fa0dee3cb97ab2f20d7bfe2d11745bfc15c46df30

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 12 Nov 2021 03:37:50 GMT
content-encoding
gzip
access-control-allow-origin
https://www.oann.com
machineid
1406
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19166-FRA
pragma
no-cache
server
nginx
x-timer
S1636688271.653043,VS0,VE47
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AAA6 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f22f93097418fecb40a35a45376b92d57e5dcc08fa809470e94b285c8119f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40186
x-xss-protection
0
server
cafe
etag
14982534172671885568
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 03:37:53 GMT
cw_tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:53 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 14 Nov 2021 03:37:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/ Frame AAA6 		268 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=www.oann.com&bust=31063703
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f73deee728e30afb499760c87623eb1bf65458f573f365fe0e28d6fd2a83d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98702
x-xss-protection
0
server
cafe
etag
7702745790552000029
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Nov 2021 03:37:53 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame AAA6 		12 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.oann.com&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3D7a2f33326af15082-22460f4655cb0048%3AT%3D1636688263%3AS%3DALNI_MYoDdZID8ASaftpf8b1oJO7x-F78w
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=www.oann.com&bust=31063703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame AAA6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.oann.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=www.oann.com&bust=31063703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AAA6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.oann.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=www.oann.com&bust=31063703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
afr.php
served-by.pixfuture.com/www/delivery/ Frame 9E24
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1575911585432548&output=html&h=278&slotname=Widget-300x250-2.5&adk=2566101958&adf=3791526571&pi=t.ma~as.Widget-300x250-2.5&w=374&url=htt...
  • https://served-by.pixfuture.com/www/delivery/afr.php
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/afr.php
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=www.oann.com&bust=31063703
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
64c41a6752147d6209ab9377bd28d1970be83a0a8d8617dfa4ea8dddf0516194

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx/1.10.3 (Ubuntu)
date
Fri, 12 Nov 2021 03:37:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=172800 public, no-transform
pragma
no-cache
expires
Sun, 14 Nov 2021 03:37:53 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding
gzip

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://served-by.pixfuture.com/www/delivery/afr.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 12 Nov 2021 03:37:53 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame AAA6 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=www.oann.com&bust=31063703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6b10bd30551a0ade08610e627c713f427caef9436c8ab8920faa327cb149cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9305
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AAA6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1575911585432548&plah=www.oann.com&bust=31063703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 12 Nov 2021 03:37:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0A3C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 11 Nov 2021 22:09:37 GMT
expires
Fri, 11 Nov 2022 22:09:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
19696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 27D9 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60baaf4f82b895ab5a9f9947a8aca7148452b756d64fc7844f0e357eeec1b29d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MopdXU1B5NxktGJp7v2wrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 12 Nov 2021 03:37:53 GMT
date
Fri, 12 Nov 2021 03:37:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-MopdXU1B5NxktGJp7v2wrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame 0A3C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 20:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
199182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 20:18:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 27D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211109&jk=3206672275891475&rc=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAA6 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211109&jk=3206672275891475&bg=!SUqlSg7NAAZQLpa_UC47ACkAdvg8Wh8AGqiT3WOS1g4LdnGUixLOR-nN7jh0ju4VkY1wxkMWCWJaYAIAAABpUgAAAAxoAQcKAFxHwopLTRY7IaqQD8SuXWD8gcI0U21L4j2lSuMOYvKLt0FJP5mmpX_xc8WbijlGeX8pXU1iLaUmq7E1a1Ubbds1BCemcxtb4KYzM1H7k-tZHM7KJGNmW8EsxB6xpZkC3agQ58rHrDJv6-USxP6j7cHqAGm9dtKt0nWTF15cSg17LQWTMB-jP0b5STT5ezxFgzoOLbKOQVXASCbz1Nxo92KJ9BDhgZrD_KZ37SW2fRZo4srhAorhBiyYoxyklIqF2K5x6TdS1DfAEVWzuJx1HaFLg_fMDmBEtOM_Ef5KlgB17fE1czeNeghhd_ItjoJo53GtOmXOdC_oPSx90VNz1qogpNmAGWuKzvLQtlt9MtIXIk0Z25XzripQG3zrupOvrkK-ulTHC0EcZWZM9yiHSiE_ok-6Se0khl699Zg9Ewi5IWBl76U0F0GMmyxMquHXNQCmsaUkGBykyk_VeoiK7JNAr3codxbfhh4l0j5gPZrP_4wugrbwkfbdDzkYjla564v54WReNJdnIddzfmF5bmCADiFLCCEfWxoqIGXiWlpdAXVcHKs1JDl9FlqwcoOPsGiKnj_9bdG4wdIbGZXFMYGWv_L4kFvFxlb3oZlAlzNbCDuaPPs18jR8gd9XvUqyHXopykA03suldwX2Kibr6i1oM4nKe6I3IZhQf_vraz-xAV7gPlS_jg5opcVEpNEFbgaW_mY9n9HPHzbP65xCDi4FpById2qhSqqrrVda3lvelOOuAtJgix0AB7QiTRGtXlwtetpkwPkoGME8cQajEAgfLe85vJ0y5JVMJaxTwCjrNEFKnvxa4rLTGO0q6L5TSONAKL4Pxyv8EotENV2afDJAHJSWrhr1TRQRp-ygCWUMRRso20sNmcmFJE9YCJ2X0f05J3vZPpNOUxF5SdLN8uvWGrgcN5VTwYg1teigRpvAuVbUPvX0N2-GgYHUPyAn7qnayP7ka47hmzSo8fLqYz79VxlIb2XndvfK-uiNDY6aVC2S6HZ80hwuvqTi6oSHpCbt4GoRDk-hVwdA9rrghcJKtP7hoz_8HynoaqMCSGxCIsgCIGKvhPhbioB66p-B8ZbMTQCwQpIwxiWQZkM
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user
ads3.admatic.com.tr/ Frame A5F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f2660431-125a-513c-be99-7129df1490bb&ssp=admatic&expires=30&user_group=1
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:54 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
ptrack
a.audrte.com/ Frame 34E1 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=91.199.118.74&p=M1353665098&artime=2021-11-12T03:37:53.562Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=d3d3Lm9hbm4uY29tL2ZlZGVyYWwtY291cnQtb3JkZXJzLWJpZGVucy1kb2otdG8tc3RvcC1leHRyYWN0aW5nLWRhdGEtZnJvbS1waG9uZXMtb2YtcHJvamVjdC12ZXJpdGFzLWZvdW5kZXItamFtZXMtb2tlZWZlLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7da5be1d950ae8789e74fc4ecd37704bb3f8753b04f33bbd446366c05739a4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/ Frame 551B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ec51195add94402ceaea3b24b63d2ad584d9c28ab69def13f6ac0ab5e409f37a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:53 GMT
content-type
text/html;charset=utf-8
content-length
1131
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.14.219
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
usermatch.gif
beacon.krxd.net/ Frame 551B 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=ae1ef9dbcc63b13a6494acd785836c22
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.73.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-73-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=52 t=1636688274
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
tpid=YY3hiwAAAbzr6wBG
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 551B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YY3hiwAAAbzr6wBG
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YY3hiwAAAbzr6wBG
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.53
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636688274.047015,VS0,VE0
x-served-by
cache-fra19156-FRA
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YY3hiwAAAbzr6wBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tpid=37127328274913860432154452890004927553
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 551B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ae1ef9dbcc63b13a6494acd785836c22&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=37127328274913860432154452890004927553
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=37127328274913860432154452890004927553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.219
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-1-v019-0df8032d5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
FKhLYqLHTR0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=37127328274913860432154452890004927553
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
image.sbxx
global.ib-ibi.com/ Frame 551B 		0
0
5907
tags.bluekai.com/site/ Frame 551B 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=e856ed7390dd54519c7fbcf633ed8ed5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
qmap
sync.crwdcntrl.net/ Frame 551B
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e626618d-e18b-4900-b346-8a6c848cdf60
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e626618d-e18b-4900-b346-8a6c848cdf60
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=431377501/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.8
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e626618d-e18b-4900-b346-8a6c848cdf60
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Nov 2021 03:37:53 GMT
pixel
ps.eyeota.net/ Frame 34E1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 34E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=&google_gid=CAESEHs7MsDHG_tBhKtQzyONLvw&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 34E1
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1034124019680978443
  • https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Server
3.121.27.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9DBE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 13 Nov 2021 03:37:56 GMT
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame F909 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13480300
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
nginx
Date
Fri, 12 Nov 2021 03:37:54 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ams1
pd
eu-u.openx.net/w/1.0/ Frame 0F34 		542 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
270774d8d3d0a48bbf341155afc69ecd9bc1e0681f7196b1cfc96e82f5b280f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
content-length
339
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.adtelligent.com/ Frame 105A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
VertaMedia 1.0
Date
Fri, 12 Nov 2021 03:37:53 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
792
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
d
ic.tynt.com/r/ Frame 8E54 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
nginx/1.16.1
date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
sync.html
s.console.adtarget.com.tr/ Frame 0FD7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
7cf9f1cabbd31f0e4b89199b94c1474db634a3c2e14f3f4dd6e0820d30acdd5a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
VertaMedia 1.0
Date
Fri, 12 Nov 2021 03:37:53 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
874
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
ads.us.e-planning.net/uspd/1/ Frame 6C54 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c77635bc84046a156d29be1a71dd276b585139b9b4549975c3b3c8d275d9b53b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 12 Nov 2021 03:37:54 GMT
x-sid
AMS-731
content-encoding
gzip
csync
sync.adtelligent.com/ Frame F307
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5b33dd8-fbfd-4a05-badc-d38f5c8aa507
0
0
usync.html
eus.rubiconproject.com/ Frame 3180 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A28 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68216
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:54 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D3B7 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usersync.html
ad-cdn.technoratimedia.com/html/ Frame B83E 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
889
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Fri, 12 Nov 2021 03:37:54 GMT
etag
"450f-5c7a90520f640"
expires
Fri, 12 Nov 2021 03:52:54 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
620897773
content-length
5566
check.html
biddr.brealtime.com/ Frame 083D 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
iThDOqIsDS8Lc8XERmO4THti/L0TNokZlU7KZ5ydViHoGsz8wSrXydQlClxKzw+8VZ9YuulUJ7s=
x-amz-request-id
5S3T1K5V2G9VMX3D
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
7098
Expires
Fri, 12 Nov 2021 03:38:54 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6accb97129e0695e-FRA
Content-Encoding
gzip
checksync.php
contextual.media.net/ Frame C711 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C2028%2C2027%2C236%2C237%2C2025%2C238%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C2037%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6d8b4fd932c77f091df092303087ebc50c0200922e2af2cc61c45b6194e486b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 14 Nov 2021 03:37:54 GMT
date
Fri, 12 Nov 2021 03:37:54 GMT
content-length
8178
/
ssc-cms.33across.com/ps/ Frame 53F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbixcw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.177 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip177.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

x-33x-status
2000208
server
33XP002
date
Fri, 12 Nov 2021 03:37:53 GMT
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YY3hiwAAAbzr6wBG&_origin=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY3hiwAAAbzr6wBG&_origin=0&gdpr=0&gdpr_consent=&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY3hiwAAAbzr6wBG&_origin=0&gdpr=0&gdpr_consent=&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YY3hiwAAAbzr6wBG&_origin=0&gdpr=0&gdpr_consent=&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
date
Fri, 12 Nov 2021 03:37:54 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csync
sync.adtelligent.com/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
0
0
prebidserver
lockerdome.com/usync/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockerdome.com/usync/prebidserver?pid=11201047612067584&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285400%26extuid%3D%7B%7Buid%7D%7D
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
image/gif
ETag
W/"2b-J5MV1QeFXGpDUeHiwvOd2c0vzNg"
Content-Length
43
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
csync
sync.adtelligent.com/ 		0
0
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBlNTQ5ODNmNi00MzY5LTExZWMtYTAwNC0wMmMxNTcwZjcyMzg%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEEhp0aTeFaidO5ycLYomz2U&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEEhp0aTeFaidO5ycLYomz2U&google_cver=1&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEEhp0aTeFaidO5ycLYomz2U&google_cver=1&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEEhp0aTeFaidO5ycLYomz2U&google_cver=1&apid=UPe54983f6-4369-11ec-a004-02c1570f7238
date
Fri, 12 Nov 2021 03:37:54 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
csync
sync.adtelligent.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
0
0
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c6f7b90a-8be6-489e-aed8-3443d34fbebe&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
8.gif
id5-sync.com/c/441/340/2/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_bee7f5ba-0941-47a7-ac46-c27fb81a1b49&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=869d1979-d4d7-48b6-8296-b1c99ad5eb73&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=869d1979-d4d7-48b6-8296-b1c99ad5eb73&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=30b2f914-7298-45f5-ac23-8adb5ce5999c&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGFFKSS9WApe7yysncOdMRU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7051991869510472897&opid=apx&ops=&utidl=tech:goo:CAESEGFFKSS9WApe7yysncOdMRU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A22425443906&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=ae1ef9dbcc63b13a6494acd785836c22&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/160/3/7.gif?puid=37127328274913860432154452890004927553&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMO86cEKNoRjXxNkuBVQQZ1PvX1TX4ZkkCXTVTOuw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/340/2/8.gif?puid=37127328274913860432154452890004927553&gdpr=1&gdpr_consent=
0
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
0
0
/
www.example.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.example.com/
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1:248:1893:25c8:1946 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
csync
sync.adtelligent.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
0
0
usync.js
eus.rubiconproject.com/ Frame 3180 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12161
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
dds
rtb.openx.net/sync/ Frame 0F34
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vyI1oe8AzZYdMt9tvSQjpg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
habmt6coaengbs93ltjg1mtf8rr97gid

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f4b3d9d9-d62a-e6f1-ca91-852f916ad455
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0F34 		43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f4b3d9d9-d62a-e6f1-ca91-852f916ad455?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
eu-u.openx.net/w/1.0/ Frame 0F34
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LlpRG4f11MLnnS5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LlpRG4f11MLnnS5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:53 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=LlpRG4f11MLnnS5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0F34
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=30b2f914-7298-45f5-ac23-8adb5ce5999c&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=ca55ffaf-b038-4845-a074-417fa5b634be
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=ca55ffaf-b038-4845-a074-417fa5b634be
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=ca55ffaf-b038-4845-a074-417fa5b634be
Date
Fri, 12 Nov 2021 03:37:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 0F34
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7051991869510472897
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7051991869510472897
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c8ceff13-0048-4679-9a4b-d518b6c1b41e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7051991869510472897
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie-sync
match.prod.bidr.io/ Frame 0F34
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AATrDk7DG8MAAD0EfyumLw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
HTTP/1.1
Server
52.212.206.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-206-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug021:0:487
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 6C54 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:54 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 6C54 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:54 GMT
ptag
a.audrte.com/ Frame 6C54 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7a349630f46773b993f243b2ef0f26a88304fde74466717161d74b09c6a9fd2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 6C54 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:54 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 6C54 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D6c99d864c877fcf3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 6C54
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6c99d864c877fcf3
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 12 Nov 2021 03:37:54 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
us
sync.go.sonobi.com/ Frame 6C54 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D6c99d864c877fcf3%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams02.e-planning.net/ Frame 6C54
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D6c99d864c877fcf3%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Date
Fri, 12 Nov 2021 03:37:54 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
async_usersync
ib.adnxs.com/ Frame 9DBE 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ec29115c-1139-4660-8bd8-a76268e728a7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9A28 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6843922&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9135c54bdc74af02675fa38a2e7fa98b4b90eae92dc62a090f8282b90fbf4b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1586
content-type
text/html; charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7A32 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68216
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:54 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6312
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184-d
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
csync
sync.adtelligent.com/ Frame 105A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
0
0
csync
sync.adtelligent.com/ Frame 105A 		0
0
usync.html
eus.rubiconproject.com/ Frame F9D9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FDF 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6c99d864c877fcf3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68216
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:54 GMT
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame 21C8 		0
0
csync
sync.console.adtarget.com.tr/ Frame 4BA2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
0
0
/
ads.us.e-planning.net/uspd/1/ Frame 4230 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Aalsmeer, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3088ffc994cfe5f4d8124fdee9f1d9ee9796d408dc24eabe91f4e3255b24855e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 12 Nov 2021 03:37:54 GMT
x-sid
AMS-731
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E080 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68216
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:54 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 65A5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
x-amz-version-id
RYuv7OHkGyBGhruGqt.WyYPuQOUx_v1g
server
AmazonS3
content-encoding
gzip
date
Fri, 12 Nov 2021 02:45:11 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
fHh1zobVzSAJcoyEPiTQe2nRUBXSbazcTLbmbzScZAehQi_gZ7ZUEw==
age
3163
csync
sync.console.adtarget.com.tr/ Frame 87A7
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=1034124019680978443
0
0
user
cdn.admatic.com.tr/ Frame A8AE 		251 B
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
GB
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
aac1bbda058095c5a3b9b8eafca7604a
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 0FD7 		0
0
usermatch
ssum.casalemedia.com/ Frame A257 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
727ac58055a5dc2a26c255eb338193b7117889703406214be4de6f90b102bfcc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
13|51|206|191|88|65|41|90
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1710
Expires
Fri, 12 Nov 2021 03:37:54 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
loader
api.retargetly.com/ Frame 6C54 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/loader?id=1473
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d22884064f4d7b34e4a0c7ef2767d21363923c795416100088d9d910a32a63c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb972f8ed699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
public, max-age=604800
content-type
application/javascript
expires
Fri Nov 19 2021 03:37:54 GMT+0000 (UTC)
/
onetag-sys.com/usync/ Frame D5B3 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame CECB 		322 B
688 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca2c3cee1dda8ca8de830549e62c096abc0b3dde90e58c72378dc451e068bbb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb972c9dc5c68-FRA
content-encoding
br
usersync
match.bnmla.com/ Frame 81A3 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame EB6A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LlpRG4f11MLnnS5&gdpr=0&gdpr_consent=
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LlpRG4f11MLnnS5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug006:0:464
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 12 Nov 2021 03:37:53 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:LlpRG4f11MLnnS5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 8663
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8AC5227B8F2D4D5C8108AA8B2418A4EF
1 B
87 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8AC5227B8F2D4D5C8108AA8B2418A4EF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug011:0:341
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8AC5227B8F2D4D5C8108AA8B2418A4EF
expires
Thu, 11 Nov 2021 03:37:54 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 1A34
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JTTjVY0qS5JtcVusoecQ11vHdko
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JTTjVY0qS5JtcVusoecQ11vHdko
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug019:0:576
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 12 Nov 2021 03:37:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JTTjVY0qS5JtcVusoecQ11vHdko
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 9A28
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 9A28
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
frontend-id
0
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9A28 		95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6accb972d9f65c68-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 9A28
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9A28
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ebbc5d54-4369-11ec-a6af-31b47b025245&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ebbc5d54-4369-11ec-a6af-31b47b025245&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:464
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=ebbc5d54-4369-11ec-a6af-31b47b025245&gdpr=0&gdpr_consent=
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
ebbc5d55-4369-11ec-a6af-31b47b025245
bundle.js
cdn.admatic.com.tr/user/ Frame A8AE 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
2d703e4883fe5067dcd14c289d62ce46
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
usync.js
eus.rubiconproject.com/ Frame 6312 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12161
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 6C54 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:20:14 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
40661
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
oXjN36fLruCyrd4FrUAh6Hy6jIbB0PzE-tLYHVgVZRb9WkEilgGlOw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame B1D9 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Nov 2026 03:37:54 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.adtelligent.com/ Frame 1C78 		0
0
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 4230 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:54 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 4230 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:54 GMT
ptag
a.audrte.com/ Frame 4230 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7a349630f46773b993f243b2ef0f26a88304fde74466717161d74b09c6a9fd2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 4230 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 11 Nov 2026 03:37:54 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 4230 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D6c99d864c877fcf3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 4230
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D6c99d864c877fcf3
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 12 Nov 2021 03:37:54 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
us
sync.go.sonobi.com/ Frame 4230 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D6c99d864c877fcf3%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams02.e-planning.net/ Frame 4230
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D6c99d864c877fcf3%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=6c99d864c877fcf3&uid=8905320fd96316601b5036f2c7ff5ee29069c9b4
Date
Fri, 12 Nov 2021 03:37:54 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usync.js
eus.rubiconproject.com/ Frame F9D9 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12161
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
log
c21lg-d.media.net/ Frame C711 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=2796898669860212000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C2028%2C2027%2C236%2C237%2C2025%2C238%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C2037%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C255%2C178%2C3018%2C3017%2C3016%2C214%2C3014%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C80%2C10000%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 12 Nov 2021 03:37:54 GMT
usync.html
eus.rubiconproject.com/ Frame 7C1F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 858F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D6c99d864c877fcf3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-175.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=68216
expires
Fri, 12 Nov 2021 22:34:50 GMT
date
Fri, 12 Nov 2021 03:37:54 GMT
vary
Accept-Encoding
userconnect.js
js.adscale.de/ Frame 65A5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
e4aoS_wI4Xx4CR.MbR6sut3AyCIgCWfz
content-encoding
br
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
server
AmazonS3
age
3163
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 12 Nov 2021 02:45:11 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
pF2DVpGQ7tvfBiAPjdcV9yodVSFWQElA6gWkyC5EdBTE1kUP1NRZOg==
csync
sync.console.adtarget.com.tr/ Frame 65A5 		0
0
user
ads3.admatic.com.tr/ Frame 2262
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=5EUJvoksFrJIRubrTtzNXzX5&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:54 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
crum
dsum-sec.casalemedia.com/ Frame A257
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 12 Nov 2021 03:37:54 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
Keep-Alive
timeout=5
sync
x.bidswitch.net/ Frame A257 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
ups.analytics.yahoo.com/ups/55940/ Frame A257 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
index
dmp.brand-display.com/cm/api/ Frame A257 		43 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.21.4 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
last-modified
Fri, 12 Nov 2021 03:37:54 GMT
server
nginx/1.21.4
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 12 Nov 2021 03:37:55 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame A257 		85 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636688275.574673,VS0,VE90
x-served-by
cache-fra19156-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame A257
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
bridge
cm.adgrx.com/ Frame A257 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
no_match_opted_out
um.simpli.fi/ Frame A257
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Nov 2021 03:37:54 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 12 Nov 2021 03:37:54 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Nov 2021 03:37:54 GMT
um
u-ams02.e-planning.net/ Frame A257 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=6c99d864c877fcf3&uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
openresty
content-type
image/gif
usermatch
ssum.casalemedia.com/ Frame AEAE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81dfa1841c94c956d3535e59d54f5f4911b6bacdf3e4eb7c9ae71acb62a8b272

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
111|90|230|190|13|81|51|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1627
Expires
Fri, 12 Nov 2021 03:37:54 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
user
ads3.admatic.com.tr/ Frame A8AE 		75 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
82cf013cb80335ea02233a8e96ca1b56f5fe18e0e9cdcc375249f775f103097e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
79
mw
mwzeom.zeotap.com/ Frame CECB
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=dc0b4475-0325-438f-6b89-e5b64d00d781&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=dc0b4475-0325-438f-6b89-e5b64d00d781&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb9747bcd5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=dc0b4475-0325-438f-6b89-e5b64d00d781&zdid=1361
date
Fri, 12 Nov 2021 03:37:54 GMT
cross-origin-resource-policy
cross-origin
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B01E 		261 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJz66wIQu_jwAhjWi5u5ATAB&v=APEucNU8gwvfMpq2wwUZqgD3nhKYIkzSlzVlDH70tn6KnzT4ogBmGHv2i6Ppzp4T37a_8ec_lN7yDbuEeOZQOwCyCe3SaJ1g3XFPbxOTRYF2PoSsLKPn64mECOqOjp7owhEQuUHjUkr0i5VCcJJwldOUbOYSdTcyPhkI7yC5vXGiKcPC1xdJnS8
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 12 Nov 2021 03:37:54 GMT
server
cafe
cache-control
private
content-length
145
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame B7FB 		53 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdb4939073b6ab25481d5a68e8bf45ee05433bcdef9f1d3429e76002f96546d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7FB 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMk93YW270Gv1OC4_IvtkYzUq6knW_Xvlj9OjCqqzCSdcFMoAM2vDR15osMXHMMT7l-1kHfDtlUCc1cK9s-S_4mTsuaGyZa_cH3TbS4MneeYs633c
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bfba4de1-3eb7-4cff-89d6-71f61b1a4856
beacon-ams3.rubiconproject.com/beacon/d/ Frame B7FB 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/bfba4de1-3eb7-4cff-89d6-71f61b1a4856?oo=0&accountId=23564&siteId=377488&zoneId=2082578&sizeId=43&e=6A1E40E384DA563BADAA55D145AC4768E11651156E9C249CB351A9BAE72377397035F85ACA86CFB48AE4D146DC7DA81F5ABF4BC26238BE184709FEFD6A67E537A1193A4693AB9A1704F87BA7C218F24C7D56F08639767DC84B2578BF8A01DB2E23E8BC0A5224FF5134D3E761935A5F0C1D8F9BCC8F4245104BAE6C5C8DA6A51A2605645952F601785C0813E54637BE37BB58F3A5F786C073B69BFF42D0CEE793C0777DBE25BFDDFF5C3635D78278B5EAA4B53955133821F5CDA10306204D320B
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::27 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
cw_tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/cw_tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/cw/cw_ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 14 Nov 2021 03:37:54 GMT
/
onetag-sys.com/usync/ Frame 35FF 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A496 		322 B
664 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4482b18aa93b29aa8401644ecb3cc7ca605e00ed3e7892db392a9bba073f3dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb9744b945c68-FRA
content-encoding
br
cc.js
tags.crwdcntrl.net/c/15238/ Frame 4230 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:20:14 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
40661
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
vacQg_3DUm2QLJekxvjtivW1fjwkCm2v-LkBeRbHsBtHrUr0jj_oNw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame CD42 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 11 Nov 2026 03:37:54 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 345C 		0
0
userconnect
ih.adscale.de/ Frame 65A5 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1636688274203&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-length
149
content-type
application/javascript
GS.d
js.cookieless-data.com/ Frame B1D9 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1636688274204
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7C1F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12161
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
T2.min.js
resources-rt.idx.lat/ Frame 6C54 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-rt.idx.lat/T2.min.js
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4acb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1326c88d831faec75944c75ab8fb61c5e5c18ade4c6a3fa2de16baafdc64ec97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
5495
x-cache
Hit from cloudfront
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 15:10:54 GMT
server
cloudflare
etag
W/"0e27aee1b6a9fa35cb3b3bbcfd005aaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
cf-ray
6accb974bd8105cc-FRA
x-amz-cf-id
co5JB5yYeo6KfDO2rZTbCpHr50y494PUYIE7sa6ChDbeD02Q2Ybvuw==
api
api.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserU...
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserU...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
45f5114900c291f2b5d4120d6585cefd6bdee557b3349fe7ba6e66d1e65010ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
pragma
no-cache
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb975bc07699f-FRA
content-encoding
gzip

Redirect headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
application/javascript
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
pragma
no-cache
expires
0
location
/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6accb9748a99699f-FRA
new
ads3.admatic.com.tr/user/ Frame A8AE 		169 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
fc5f29439ef2baeb44cdeca3a21fa045dfdd4244969aa3d136c96ccba4e98b64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
br
etag
oBt5vEX5eYYuDnIKV2Bk80svSR890c0Pb-Jg3O_lsv2fr0a25iyvIkUEXsh8tmDtWPPWnV3uFo_WmC0PAhQ9IQ
last-modified
Fri, 12 Nov 2021 04:37:54 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
173
match
c1.adform.net/serving/cookie/ Frame AEAE 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
no_match_opted_out
um.simpli.fi/ Frame AEAE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Nov 2021 03:37:54 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 12 Nov 2021 03:37:54 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 11 Nov 2021 03:37:54 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AEAE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YY3hh_hBgT-uGKmO4CBSjQAABGoAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC0kTo4DOTi5Y4M5VfsuE0M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame AEAE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame AEAE
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 12 Nov 2021 03:37:54 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
Keep-Alive
timeout=5
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame AEAE 		0
0
sync
x.bidswitch.net/ Frame AEAE 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum.casalemedia.com/ Frame AEAE
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1636774674&gdpr=1
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
um
u-ams02.e-planning.net/ Frame AEAE 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=6c99d864c877fcf3&uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D6c99d864c877fcf3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
server
openresty
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame B7FB 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9508
x-xss-protection
0
server
cafe
etag
4184452204472697813
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Nov 2021 03:36:25 GMT
4115717470657911870
s0.2mdn.net/simgad/ Frame B7FB 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4115717470657911870
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bcc298eddb0f020a4cfb205cbd9e1c384fbd450e5506e3b800d34c34c85227be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 09:00:09 GMT
x-content-type-options
nosniff
age
326265
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23197
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 14:57:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Nov 2022 09:00:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7FB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Nov 2021 03:37:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame B7FB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 01:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Nov 2021 01:55:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B7FB 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvfjMYLwLg6s64KJyzHv1sjpmTcCMIveamMbNENIkKLjQbW_89W4PZBDQ3yDw-IVW6z49w8WWwlRYd4SNL0IM8-xA8S9b3lNBNCFAFysw1CfcAPN2Sp2kG4PPhg3PSmFmuicAjOpnShUZDOGX4mIUevdzMDkPByNHPmeoC9QPrVaX1wVb0l6vEKPeMPqf47qiZbhrxc_VGEXq1Hx4vt44oP07VIhxqPEiO8zaNSjNWSd9U4oUPkR6vlutzDS3lYXo0qQ6GBP9Tq0MBtnJv0sxf4zqZmZHa1RLQ42H9G6cH9uab_GtNwrybseOn4UaYmDVRNKbq2tYHZTqvdoDdYTggjZr8DR0AOfQftZcViXcTFHCiplsxppoy-j9maTf4C2nrH17AeoyFrw10l1CzJjNsC4dM-g6vgLXzAWp2DvE5FEHuuuEkLbTEsErPuiIOVgAZ_n29GazQR4JLdx9kEMjGAG9pnTNy6oTqkr6ZqwdYOyqkEL9w7XwkQvltRt4vebCXAioljX379e71wN8zPFGifTPuwTGfwkVcQasT_CJUtEr-VDAWCTvwHJjZf7tu29bz996EBQLOZzkMoH3ZChW-YGBnKHZ5uifwrlGWsceNneGivwGRbBaONz1n8cYu-g4kFgMcx-bdXX6_xTdTFcTNUqbdEfFk3KDLJD4J_tVMeW8rV2WL6q8nTJrz0SJae_AuthRpUyQqJ__Lhsgnko6Zs2SZ_LXPHBq1C6pkQhe-fwqSQPZXG8l-oFJUQs7GvyaoiK-CBmXhT05zgBbzbNtlEaFdMDMNhyX2P7Uxssm4I49KovDRQe9STSm0DIPdzOxWeRKYrgNHqGrlbLmw7PguwMD7zofZTJat_nLKmhZ2qry2Ng0bgKuBZtgWalZAQpocH8Ni8aWwjW1_2KbTc2gwj8wbVNmGhxBAhog3zhjdqP1Q2dACydvvordSdswFBpT-Dl8AXx2d0LRyEOk7QKsh1IXKP-aiOhTQoE_MijD7xMoaH2oli0cipEZa8xsI1MT0jdiTipyJtCl8cCvQVrtkvM_B__HpvVRmw1WBX5I9A39LIUFifrqehB-DOVpQPho-vBXlsigvX1pd6ebind4ujLMXEEFGJFhI67j-OczOE-G1JMDt2PIzzbE0uoi3zzLXpNCGavjktriX0A_78RCOPMdmvYs2hiaQ9ATHcdwtCREk-nyErS1KICD0fvSPBRb7eAHk5K1jca7q&sai=AMfl-YSdRaAtDo2ROnWKiByPMCG_83xUEi5mJk5sH4HgXUBsYD_J9e7e0vw6lTRO7OsU2Gh5uIM83hE7Y1mUkGnamwo-OD-u-JJjWiA5btOrj-OzCpUGOgxgbN67DcMI9AGL9mKfzT4RCjNEgS9RhRuVueRrmDgtOQ&sig=Cg0ArKJSzJasZxSJgoaWEAE&uach_m=[UACH]&pr=8:EE495833C0FDFC5D&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.28999&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 12 Nov 2021 03:37:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B7FB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 10 Nov 2022 14:16:35 GMT
m
ad.yieldlab.net/ Frame B01E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECFigcWfjWembcdpgXwpG0s&google_cver=1
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECFigcWfjWembcdpgXwpG0s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJz66wIQu_jwAhjWi5u5ATAB&v=APEucNU8gwvfMpq2wwUZqgD3nhKYIkzSlzVlDH70tn6KnzT4ogBmGHv2i6Ppzp4T37a_8ec_lN7yDbuEeOZQOwCyCe3SaJ1g3XFPbxOTRYF2PoSsLKPn64mECOqOjp7owhEQuUHjUkr0i5VCcJJwldOUbOYSdTcyPhkI7yC5vXGiKcPC1xdJnS8
Protocol
HTTP/1.1
Server
104.111.218.85 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 11 Nov 2021 03:37:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESECFigcWfjWembcdpgXwpG0s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame B01E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIlloGnXirCxliHvs6IKbCU&google_cver=1&adform_v=1
43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIlloGnXirCxliHvs6IKbCU&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJz66wIQu_jwAhjWi5u5ATAB&v=APEucNU8gwvfMpq2wwUZqgD3nhKYIkzSlzVlDH70tn6KnzT4ogBmGHv2i6Ppzp4T37a_8ec_lN7yDbuEeOZQOwCyCe3SaJ1g3XFPbxOTRYF2PoSsLKPn64mECOqOjp7owhEQuUHjUkr0i5VCcJJwldOUbOYSdTcyPhkI7yC5vXGiKcPC1xdJnS8
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
last-modified
Wed, 10 Apr 2019 10:06:26 GMT
server
nginx
accept-ranges
bytes
etag
"5cadc022-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEIlloGnXirCxliHvs6IKbCU&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
ih.adscale.de/ Frame BC47 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
534308905b03350e6935979797b8aaa1b096eb48fd80f5ec7e98a262ec01eccc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2084
GS.d
js.cookieless-data.com/ Frame CD42 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1636688274467
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:54 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
/
rt.idx.lat/idx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rt.idx.lat/idx/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.39.163 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ads.us.e-planning.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
awselb/2.0
date
Fri, 12 Nov 2021 03:37:55 GMT
content-type
application/json
content-length
0
access-control-allow-origin
https://ads.us.e-planning.net
access-control-allow-methods
OPTIONS,POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
/
rt.idx.lat/idx/ Frame 6C54 		890 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.idx.lat/idx/
Requested by
Host: resources-rt.idx.lat
URL: https://resources-rt.idx.lat/T2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.39.163 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
02f5363481a4d55b7b47f26b738d5fa53cb048002f7abc1b2b9e92e2971fc7c9

Request headers

Referer
https://ads.us.e-planning.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
server
awselb/2.0
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://ads.us.e-planning.net
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
890
mw
mwzeom.zeotap.com/ Frame A496
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D74fce...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=a3124958-2975-4c19-7373-7c5ead9f5295&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=a3124958-2975-4c19-7373-7c5ead9f5295&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6accb9766daa5c68-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=a3124958-2975-4c19-7373-7c5ead9f5295&zdid=1361
date
Fri, 12 Nov 2021 03:37:54 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.html
eus.rubiconproject.com/ Frame F16A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Nov 2021 03:37:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
googleads4.g.doubleclick.net/pcs/ Frame B7FB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvfjMYLwLg6s64KJyzHv1sjpmTcCMIveamMbNENIkKLjQbW_89W4PZBDQ3yDw-IVW6z49w8WWwlRYd4SNL0IM8-xA8S9b3lNBNCFAFysw1CfcAPN2Sp2kG4PPhg3PSmFmuicAjOpnShUZDOGX4mIUevdzMDkPByNHPmeoC9QPrVaX1wVb0l6vEKPeMPqf47qiZbhrxc_VGEXq1Hx4vt44oP07VIhxqPEiO8zaNSjNWSd9U4oUPkR6vlutzDS3lYXo0qQ6GBP9Tq0MBtnJv0sxf4zqZmZHa1RLQ42H9G6cH9uab_GtNwrybseOn4UaYmDVRNKbq2tYHZTqvdoDdYTggjZr8DR0AOfQftZcViXcTFHCiplsxppoy-j9maTf4C2nrH17AeoyFrw10l1CzJjNsC4dM-g6vgLXzAWp2DvE5FEHuuuEkLbTEsErPuiIOVgAZ_n29GazQR4JLdx9kEMjGAG9pnTNy6oTqkr6ZqwdYOyqkEL9w7XwkQvltRt4vebCXAioljX379e71wN8zPFGifTPuwTGfwkVcQasT_CJUtEr-VDAWCTvwHJjZf7tu29bz996EBQLOZzkMoH3ZChW-YGBnKHZ5uifwrlGWsceNneGivwGRbBaONz1n8cYu-g4kFgMcx-bdXX6_xTdTFcTNUqbdEfFk3KDLJD4J_tVMeW8rV2WL6q8nTJrz0SJae_AuthRpUyQqJ__Lhsgnko6Zs2SZ_LXPHBq1C6pkQhe-fwqSQPZXG8l-oFJUQs7GvyaoiK-CBmXhT05zgBbzbNtlEaFdMDMNhyX2P7Uxssm4I49KovDRQe9STSm0DIPdzOxWeRKYrgNHqGrlbLmw7PguwMD7zofZTJat_nLKmhZ2qry2Ng0bgKuBZtgWalZAQpocH8Ni8aWwjW1_2KbTc2gwj8wbVNmGhxBAhog3zhjdqP1Q2dACydvvordSdswFBpT-Dl8AXx2d0LRyEOk7QKsh1IXKP-aiOhTQoE_MijD7xMoaH2oli0cipEZa8xsI1MT0jdiTipyJtCl8cCvQVrtkvM_B__HpvVRmw1WBX5I9A39LIUFifrqehB-DOVpQPho-vBXlsigvX1pd6ebind4ujLMXEEFGJFhI67j-OczOE-G1JMDt2PIzzbE0uoi3zzLXpNCGavjktriX0A_78RCOPMdmvYs2hiaQ9ATHcdwtCREk-nyErS1KICD0fvSPBRb7eAHk5K1jca7q&sai=AMfl-YSdRaAtDo2ROnWKiByPMCG_83xUEi5mJk5sH4HgXUBsYD_J9e7e0vw6lTRO7OsU2Gh5uIM83hE7Y1mUkGnamwo-OD-u-JJjWiA5btOrj-OzCpUGOgxgbN67DcMI9AGL9mKfzT4RCjNEgS9RhRuVueRrmDgtOQ&sig=Cg0ArKJSzJasZxSJgoaWEAE&uach_m=[UACH]&pr=8:EE495833C0FDFC5D&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&vt=11&dtpt=97&dett=2&cstd=0&cisv=r20211109.28999&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXQMCyXhaP_cQNnPqiLQTOcctGtLiajzsY61dwlm9n7b-Se9dDXvlIXICnn2vB5uOQg6G8c0M-Rmh-c8dyhkRcpgpoLcVLBFsawou-4GxcYjGDqQ-Qhgtbz6R6IHsmiAHMfO7XJ82HBsochgV9hoQQQTXqjA&cry=1&dbm_d=AKAmf-Ccx_-VI5i2qHeDt0TPb_E4w-dv0swuK1qSE2AtkNeOAgsrhl_t8NthvtSP7oKJ28UCGUq1wz35_LnxM4ObxGetRq3GIANwqapIcxJ4tH-xjdWfMsUMTAxeR2oK1CfJF5P2dyYZlaP-MrNyKdSzLZf1-Swb6-2ekLJIt6esHosGwhDJyJ8t6IbWCSc2-7gXH9cheQE-1XlQ3IuasCmXwq0_cnDCOKQ79jg7m0QU4i6FaUeOwiyXmWLAXmad13jXZv2lwIOQPPSN4lhvsmMW77G9dJ4RZCud3Tb4CeJN6ayNlRMBn6sfI5BBH5_nOLNy9N2if9epEif-G8BGUssOQxcD7MIPA3dRhL2SAfALT_DScSArkDS3zHbcw132XNVHmVi3pwSnk6HwsBQkkoXu2QsJQY1xpH1WbHmyRASiTsi4dhwmzYWgAQ95PiCKGw1kwQYLRJdH0NTwHoS_Ib7fToCWN0miBaIQ8QGQ8r9NcaXO8B-CLxrcWzkDHj3fmDpbo8NShre13nkZ1IhHt1SJSwPgH3C7rI_CHETC6zdNY2uTx-1Db17ucHcW5DFSxVgEAY-HrZUWwBJFJpNmKZENyJOxavu5K3uXfVaX-V3tSpjRfC6Cp7d5iZ78OmQ-NxTKSIbVhmebYKtP81UgLIjRxNWXSX-630RtFBSxX_ISHfUq6g3ahpkP4wsG-n4OM0swVcpzUNARd-BAzevNB1Cfy24uhi6ubwMKcRzUM2o1tNMRHs4fl50cmOwbPWz5A5onqJWBQxi1G9qgmCMd0ThNeTX1wq_KIAl4ixu9s8TUmepSzUVUmGzI8pMGPtFaoWjElVRS_dQxibJsj9uVw03oL8FgMBEJ9ugR8Sp1Mh6Z2AIUsiXLdv8D9AbOrKZzDUgzNg1TrzCo-E9aEthtrUL-MMGYmNz5E1hFIYOZ-B_02uPVUlo8J7q1lId32WUujIgyv0811ePS7TpWnWZnv2sO569JWXVD6Lps1VfH-_8JpQJCsA3a_XuDGX_vx630aZJsjKjrEYfWdWQJKwll3FhkObDV8wLXz12LzvJHEzFcuZ33n5ZSSCk3X_7t9ojpXRqMueu4J38DPVxBDeVefeZ0AE3yyPPe_x-4fvC4vOUw7AGGoiVVbt1a9Zh9IxNqWjPPlO79sPwXcTBl_QoiE46p65jVa-n4mf-gHhJmFB1ib_rQfdYw95kuMXypzWsTGfmNaM6MrjbHPWbyFU8AEhZcyy4vcDK8WkRJYoLVh_DeKCN5CTrmW1lql_ph4CDvhObycCN-9cpaYa5G-3TuzrLxtfmPHkVfL452bOVPiCmi5xvZFCTxSkM7gm56p0xFPBKR8tf5meqnNY23hlnHPbdlOGPflIWQ3zm7KL7gh90Tk6-5MUU5JA6Pis4QI6pVA94HgtKImFvBPBlRmxDp_qm05TpvE4sG4uxxG_zvfKpltcrbOlrEj_5cbkOsSU3FZL08XWu0Yl2oyL1pPlInj14U83sj1sQp1zwVe888zRmOXcGVtiv2bWfDWv98aZBnGHMl784zUx3KgLT9fL2RKrzZYwKZ_lIUgpIOPmTn_bQ_FLCZWGw1LMKZHy_xnIO5b5oa3ODKadaLoSCrJP6nmyR5KwR98GGUO7KaqRLMOzemfMKVm_fEEYI5ChgxwhM4eFHyUzhhacJ-P2EU7TONhjLXc9NSyodUvwj70kns5XWK0S-2DIk9Zohzlt0Fj7HO20KiZIsuMJne1_LA9e28ECgkiPvR4rI2P_EkyOiVwx5-8Nb-l7ILsbZE9ni-_h7xJMS3U2BuwebjYSUsGaYu1EtIncRYcKY-PsJqHAzS5abf3nPqa22DHsRBonCO3YLOf-zUe6YVmEB6OHVRDadm1tNZkBLdv_XvUjwjHsQepGw2P9u5bgYUQhB0ZVLf5YLF3HoK_-2jVQ1PpeRwyJjN0LJDy4yF_3NNSTW8R37HfqMS5CNxOUZ010-Xy5oL6rzECnBlSMx2w-E6ote26FcD1kND-_IjQt69L5zO0hH0aNDs_RLfND_vs3vbdJD9Ukf98AjgBAFP5mcJ8BvmXaJayfTDr0cVLBL43bCaEbFKWqd06Dn6BhlhmnDkfdJ-QIvBvMyHKeS2RInSysi5TX4_6IW9ZCre-uNhY714YaQY0WCRRCpQdDPWUQsz6vJ4WA_xo1eX4-UyQge1pmuBB-90w2SCLczhltqVEmasfn2wSV_R5Gr3BDEmY4tpA8y4jKwyJGwexutJrz8DyKb8Muc6f95R8myBcEyCmpkORmCdUNNrIhK_AX5XPD4YtQI8j78-f-L4wyN84ZWxOSvac9uz2wJCrfx0_SQDuinXA-H31yERBk9z7bhWDkCIINaPSpSQlbvNppr1Dy1Nt6z4MXS-IVQuMGg2X4ERDOzNLwDUaK3CkUuTu92yBZ-_Ng29Ln4LnAQ4Pq1g1Yqw6TQ4KJQhKkV9rDJ1cn12AQdh-umlRUlVthRusKVv_siP1upyAt6a4wq4tSpP5DUgFKz9El55SWkgCc_DEAe7FiptIxdfMq2sWPErb4MwtQ7P-8qPyXRPKnMkdRVcgdcIL1nbfPzqxZhRHgaAqwObeADNz98RI4sSQhQ4bP49Wz3urFaQmU6uhd3-ktFxt-mYwPVCTl2UPTYJ7qkAY7dsY_KkTrJEN5XOpLJSieODMLKBgm2YlMqvre9ITLxkX2o7Qtcm2juyb3pgBq3alIcwg_3a9aNbb2TEMc-s0WRBefKkoKTlhmcsAE6Q3nlgdn-5j-Z9Er77X9mhUjcwa6SZvnl64w1mfDu_rWgBzP0igPkhVAs-lnRjJq40IcBREbbgHpVW1gJl_fKBkI0Uy3zzDl-LSoR6-Nm7wOCja8uAgqzQhtPT3YnNjPaSJZUzHiMNr2ybGgddlcssg3atvTRJkwTNwIqHeddxbMEPj8bM2kd2LXOKuuPKKgI3hDY1nmB9OkUGsm53_FqrwCUjszIyDj7iPcTVD8GUp646mH0RCz2G0WgQGF1Gatuvv5qsv6VQ2dGJPqY-yCB_-m2Yf8Rn-PwY1aEadWiX65i2l4gRbuzaXjoPTN0udgrZ6yt-SQn7esIT3JX-0IuSACHMSMiAMk6zwrstBbyynUt_NzK-21Qhj-uZGuiqyoeimr9RqD7xfJZEevI5_GY__pCFj8U9n5-N93VocWCuz7xvikXFZJe74g38ianaTW45m_v1ugRHfDGZOGwWMa2DYIXi58Hc90HjRJ13Vg7jNAFqzQHx2_UPKMRGJ8-dZZo1c2Z52oT7vPFHwUOYI8sWCe4uxlGhpFaRYdYxg1S_-4LzU38RyXPnFZXx1CNhSxrW7vSrfbGH34m9K8DGCJNmY5GxkQT4WCQGGKpVe_X4XajPXrJ_MaTkgqmCU6OeMZ47g4SP78SHhc54UkrBwxq6Ceqx0oM3Ya5RJZFw_z4_GYKS86ffhbM&pr=8:EE495833C0FDFC5D&cid=CAASEuRo38X2CEA0jqbOmmHz-b2-2g&rfl=1%2Chttps%253A%252F%252Fwww.oann.com%252Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
match.js
js.adscale.de/ Frame BC47 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
mwPXuZ0W9XDnivenXkp2GOvo7EpISEuC
content-encoding
br
last-modified
Thu, 11 Nov 2021 06:45:10 GMT
server
AmazonS3
age
3163
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 12 Nov 2021 02:45:12 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
mwkW4_yTbYHm0S3mPX-8zZSKiIRjnR26FC-FeR7DXW8ccwE2s7CQmQ==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 87F9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 10 Nov 2021 14:17:34 GMT
expires
Thu, 10 Nov 2022 14:17:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
134421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame F16A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12160
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Fri, 12 Nov 2021 07:00:35 GMT
img
ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/ Frame BC47
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=c0ef958aaf53f010dd27d9de5b877e2daa5f1ca6d6514ad21c287b0e195e4e90&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c...
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?uid=c0ef958aaf53f010dd27d9de5b877e2daa5f1ca6d6514ad21c287b0e195e4e90&tpid=38&gdpr=0&tpuid=CAESEL6nLPN4cn9QN1SvlFnMbus...
49 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?uid=c0ef958aaf53f010dd27d9de5b877e2daa5f1ca6d6514ad21c287b0e195e4e90&tpid=38&gdpr=0&tpuid=CAESEL6nLPN4cn9QN1SvlFnMbus&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?uid=c0ef958aaf53f010dd27d9de5b877e2daa5f1ca6d6514ad21c287b0e195e4e90&tpid=38&gdpr=0&tpuid=CAESEL6nLPN4cn9QN1SvlFnMbus&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
app.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=ZTc1M2RmOTctZWMyMS00MmYzLWIzZjEtNmJkMGRjOTZjMzYx&google_cm
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEL_8Dn8r8DPRxkJxr587BXc&google_cver=1
68 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=11&google_gid=CAESEL_8Dn8r8DPRxkJxr587BXc&google_cver=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb9773df5699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://app.retargetly.com/sync?pid=11&google_gid=CAESEL_8Dn8r8DPRxkJxr587BXc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
pixel.mathtag.com/sync/ Frame 1CC9 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4067 88cc6bf master cdg-pixel-x2 config:1.0.0 /
Resource Hash
827e2fb9659d0bd68c134a325e7ca5f990b1b13dbcc74a9cc513cff878f6be9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x2 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1486
Expires
Fri, 12 Nov 2021 03:37:54 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 1CC9 		95 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=e753df97-ec21-42f3-b3f1-6bd0dc96c361&_rand=1636688274894
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
app.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://tags.bluekai.com/site/28347?limit=0&id=e753df97-ec21-42f3-b3f1-6bd0dc96c361&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
68 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb977fed7699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

Location
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Date
Fri, 12 Nov 2021 03:37:55 GMT
Connection
keep-alive
Content-Length
0
BK-Server
48d8
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync
api.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
  • https://api.retargetly.com/sync?pid=13&sid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
68 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.retargetly.com/sync?pid=13&sid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb9775e23699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://api.retargetly.com/sync?pid=13&sid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
usersync
pixel-sync.sitescout.com/connectors/retargetly/ Frame 1CC9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
cms
cms.analytics.yahoo.com/ Frame 1CC9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=RTGLY
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sync
app.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
  • https://app.retargetly.com/sync?sid=7051991869510472897&pid=2
68 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=7051991869510472897&pid=2
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb9774e1b699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:55 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ceffcae6-06f2-49ab-8693-dd84b71f1106
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://app.retargetly.com/sync?sid=7051991869510472897&pid=2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
app.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://trc.taboola.com/sg/retargetly/1/cm
  • https://app.retargetly.com/sync?pid=39&sid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709
68 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=39&sid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb9773def699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

x-vcl-time-ms
9
date
Fri, 12 Nov 2021 03:37:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1636688275.051258,VS0,VE9
x-cache
MISS
location
https://app.retargetly.com/sync?pid=39&sid=99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19166-FRA
sync
app.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID
  • https://app.retargetly.com/sync?pid=14&sid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
68 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=14&sid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb9773df2699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=14&sid=F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
date
Fri, 12 Nov 2021 03:37:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
app.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63
  • https://app.retargetly.com/sync?sid=1193297337061439951&pid=63
68 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=1193297337061439951&pid=63
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb9774e16699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

location
https://app.retargetly.com/sync?sid=1193297337061439951&pid=63
date
Fri, 12 Nov 2021 03:37:54 GMT
content-length
0
sync
app.retargetly.com/ Frame 1CC9
Redirect Chain
  • https://sync.teads.tv/rt/sync?vid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&gdpr=0&us_privacy=%221-N-%22
  • https://app.retargetly.com/sync?pid=51&sid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
68 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=51&sid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb9779e75699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
server
akka-http/10.2.6
content-type
text/html; charset=UTF-8
location
https://app.retargetly.com/sync?pid=51&sid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
cache-control
max-age=0, no-cache, no-store
content-length
152
expires
Fri, 12 Nov 2021 03:37:55 GMT
tpid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
bcp.crwdcntrl.net/map/c=11530/tp=RTRG/ Frame 1CC9 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.53
content-type
image/gif
content-length
49
expires
0
cm.os
ads01.groovinads.com/grv/track/ Frame 1CC9 		43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads01.groovinads.com/grv/track/cm.os?p=RT&u=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.34.177 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
cf-cache-status
DYNAMIC
x-server-origin
app06.groovinads.com
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, must-revalidate
x-server
app11
cf-ray
6accb9773cd24df4-FRA
expires
0
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame 87F9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 20:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
199184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 20:18:11 GMT
img
ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/ Frame BC47
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=17&uid=811c429160e750c2bda015c47413b283db52d03c7e31b6f1d1f71e57bd0e1d43&tpid=72&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f...
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpuid=7029522580518533270&tpid=72&gdpr=0
49 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpuid=7029522580518533270&tpid=72&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Location
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpuid=7029522580518533270&tpid=72&gdpr=0
Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
iframe
pixel.mathtag.com/sync/ Frame 0AFA 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=e626618d-e18b-4900-b346-8a6c848cdf60&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4067 88cc6bf master cdg-pixel-x13 config:1.0.0 /
Resource Hash
06f89ab9c622f568c59c74a39d4de767e5393c83cc66cffe303448ee90635f0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/

Response headers

Content-Type
text/html
Server
MT3 4067 88cc6bf master cdg-pixel-x13 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Fri, 12 Nov 2021 03:37:54 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 12 Nov 2021 03:37:55 GMT
Content-Length
900
Connection
keep-alive
tpui
ih.adscale.de/adscale-ih/ Frame BC47
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=6f19a24d0a43c293082db18170f536059080940384a190d7f41ffd08458ba50c&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d471...
  • https://ih.adscale.de/adscale-ih/tpui?tpid=60&tpuid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
49 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=60&tpuid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ih.adscale.de/adscale-ih/tpui?tpid=60&tpuid=c6f7b90a-8be6-489e-aed8-3443d34fbebe
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
207
img
pixel.mathtag.com/misc/ Frame 1CC9 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fdu%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=e753df97-ec21-42f3-b3f1-6bd0dc96c361&idx=&_rlid=e753df97-ec21-42f3-b3f1-6bd0dc96c361
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4067 88cc6bf master cdg-pixel-x27 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT
img
pixel.mathtag.com/misc/ Frame 0AFA 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=629021&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e626618d-e18b-4900-b346-8a6c848cdf60&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4067 88cc6bf master cdg-pixel-x30 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e626618d-e18b-4900-b346-8a6c848cdf60&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT
img
pixel.mathtag.com/misc/ Frame 0AFA 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e626618d-e18b-4900-b346-8a6c848cdf60&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e626618d-e18b-4900-b346-8a6c848cdf60&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:54 GMT
img
ih.adscale.de/sium/434521556285939984/1556285939984/0/ Frame BC47
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fih.adscale.de%2Fsium%2F434521556285939984%2F1556285939984%2F0%2Fimg%3Ftpid%3D107%26tpuid%3D%24UID&uid=13e351be94e4a2de8218dc3d7e49a032384a9549d79cd4d...
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fih.adscale.de%2Fsium%2F434521556285939984%2F1556285939984%2F0%2Fimg%3Ftpid%3D107%26tpuid%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=7051991869510472897&redirect=https://ih.adscale.de/sium/434521556285939984/1556285939984/0/img?tpid=107&tpuid=$EMXUID
  • https://ih.adscale.de/sium/434521556285939984/1556285939984/0/img?tpid=107&uid=7051991869510472897brt309251636688275244087f1
49 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/434521556285939984/1556285939984/0/img?tpid=107&uid=7051991869510472897brt309251636688275244087f1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
content-length
49
content-type
image/gif

Redirect headers

location
https://ih.adscale.de/sium/434521556285939984/1556285939984/0/img?tpid=107&uid=7051991869510472897brt309251636688275244087f1
date
Fri, 12 Nov 2021 03:37:54 GMT
content-length
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame 9DBE 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:55 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9810c996-6313-4b5a-bce9-892bfc280d9a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 87F9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5otgkuGNYeTfJIjI7gOelaigBQAAAAA4AeAEAg&bg=!aWqlai7NAAZQLpa_UC47ACkAdvg8WvOLyLvlhf9Griz0CNMxL7_3ThnoLvFeiR1jUSLJTKx7NNuAKQIAAACaUgAAAAtoAQeZAtGby96ONA5lpIzaYmDGqVTA_W2K6tMPROYHtaaaPCIPSYL2JQ5Gguoz7s2f-iVwONjyXNA033pnEYcico5KqVFjxIh1QxyaBY5GZhzrPt_G6UL2vAi7__1bLbrfR7T1AQKPkubya7oiGBMxmlaIlbEQMC37-LL6vzBiRq-FllAA93xOeOmCNepPaRRVmu9xKk8RxdNib6Xk1dgu547sgU7iOnz6xYOmT649vUmW76bc6HizOVpyAit77BBDnsieeZGQ1lV2dr9FaMPeynjRxBwr7zj2a-j9VZeO3MPx4SWSy95Ym8SvX26Mpzfv0Tx-RV8YPMj5ubCYYssJCOm4jO-3TaXszRnLrhbw_uv6rvX9dANX8nWDoi9o7f8zlVecvxC0Ce6d_H38gWSdAtnxW6zL6_xOeAJDJU21ebTQpf_4mZG9CwkJg1L8z0n745K3esTXhG_0aUrj3jLh-HDg1R9nCwz40PzXhpBxQrkMLi8Y-f7FBj53Cbd4x6xKXq8Mo2iXcprLRS9JfAgeq0yytVuYMoNcCqBDVGl0L4x5I0YuLfpfT1-AIRoZYWs0SJMjkC4d1XjFTG4KNheBupqXSDWv2abd9-rNilKnhqIfdsycWMPh9Ql27DVG2r9gE9SXig9Mb_8606HGf6RF6pIf1D7r1mA-HzMwOUuVGe4-FZUUNEWU8dkOr1_yBiWRe5GpXXV7Np8ZY9kRNOtXlvCu9I408Y8K__Adw833tJ3CqY9bU9UrDvXs4x6sff72fDhng8gWB5LTIVp-Qn_qYE78iIHKl9IPG7mtLu0LLZjNETyGToYDcq6l5SpFL8L-7YrokcRIpH4xFuzzSCp6hDWtGhQqn2IhBxrh322rZNa8qunYjDOHEgsKZLbd9ztoeXn5wACuZhhyL9O4S5OpR7E1DDERhQmf3RYRWkQa_cbfK5AyX69UH9wb7OdZVz7pUoIgHKjM
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/ Frame BC47
Redirect Chain
  • https://green.erne.co/stroer/cm?uid=73834bb45fc01404072bb7833deeb857d56b4907a5f94e67aab7f799ed38c69c&tpid=84&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274...
  • https://pixel.onaudience.com/?mapped=5EUJvoksFrJIRubrTtzNXzX5&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fih.adscale.de%252Fsium%252F23c1d4719e6544b7a5dc8ad4fb7f7f34%252F...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ae1ef9dbcc63b13a6494acd785836c22&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fih.adscale.de%252Fsium%252F23c1...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1636688274862%2F0%2Fimg%3Ftpid%3D84%26tpuid%3D5EUJvoksFrJIRubrTtzNXzX5
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=84&tpuid=5EUJvoksFrJIRubrTtzNXzX5
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=84&tpuid=5EUJvoksFrJIRubrTtzNXzX5
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

location
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=84&tpuid=5EUJvoksFrJIRubrTtzNXzX5
date
Fri, 12 Nov 2021 03:37:55 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
ptrack
a.audrte.com/ Frame 6C54 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=91.199.118.74&p=M1353665098&artime=2021-11-12T03:37:54.943Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=d3d3Lm9hbm4uY29tL2ZlZGVyYWwtY291cnQtb3JkZXJzLWJpZGVucy1kb2otdG8tc3RvcC1leHRyYWN0aW5nLWRhdGEtZnJvbS1waG9uZXMtb2YtcHJvamVjdC12ZXJpdGFzLWZvdW5kZXItamFtZXMtb2tlZWZlLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
84dca2f378544701cd80e4054a7508a2e073ebd3e859b8040a03f083102b2a09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
sium
ih.adscale.de/adscale-ih/ Frame BC47
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adscale&uid=6f4351f5e5121f9504efa1418487c198b52f573726061f953fca9f899cf87d87&tpid=57&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F1...
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=adscale&ssp_user_id=ca55ffaf-b038-4845-a074-417fa5b634be
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171315511&expires=5&ssp=adscale
  • https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=
49 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Location
//ih.adscale.de/adscale-ih/sium?tpid=57&tpuid=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&gdpr_consent=
Date
Fri, 12 Nov 2021 03:37:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
img
ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/ Frame BC47
Redirect Chain
  • https://brain.rvty.net/RTB/AdscaleMatch?uid=e91eebb93e605a1d7cc0ad63d3d92b7fb985d3ded6922247d3c9482ec6eae158&tpid=23&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F23c1d4719e6544b7a5dc8ad4fb7f7f34%2F16...
  • https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=23&tpuid=8303cf73-534c-44dc-897f-977426f99bcd
49 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=23&tpuid=8303cf73-534c-44dc-897f-977426f99bcd
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Location
https://ih.adscale.de/sium/23c1d4719e6544b7a5dc8ad4fb7f7f34/1636688274862/0/img?tpid=23&tpuid=8303cf73-534c-44dc-897f-977426f99bcd
Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 6C54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=&google_gid=CAESEHs7MsDHG_tBhKtQzyONLvw&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Server
34.206.28.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-28-97.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 6C54
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1034124019680978443
  • https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Server
3.121.27.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 6C54 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=2m5oK5SwQnJRja1OGUZekugfQ&gdpr=0&gdpr_consent=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:55 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
VideoBidRequestHandlerServlet
am-wf.taboola.com/ Frame 132F 		1 KB
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=462&height=259&pubid=169497&tagid=953497&crid=4711345&noaop=3&sortOrderType=0&cb=1636688275249&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1295&pt=1358769458&tz=0&viewable=true&ddast=V7uckCFgNjSzY4k9p6fwRjSzY4k9p6fwUAAAAGBuIHG7AajngjBoW12012m8VuMhmslrPBYLDaDWEDVsMRb8SgsHa7yW6z2C0Wk9lmNhnNdsspBCLuReR3O5x2i3QgEZpOh891r9f9fne9w263a_xui1ggURkPL8vT7bKbLtKBRO4y_f6Wr7_ksjlcZ9NFLJAI_p6n6em3W6QDicRvOv3dFrFAojn6Lae7w-2ySAcSvcNut4gFEtnD8nTYTRfpQCJzmM2mo-Xv-hkt6jcEBqLpdPhc93rd73fXO-x2u8bv9stcJpflYXZr_K7L6a23nFyWz1viNLnsnrfIb3WL_m7N6W94q4yny8Njetp9bpHD9HDLLH-3W3D0212et97mFlz-VpfH9Ja9LE_Tw_OW-V13k8vyljrcLs9b73W5bC6_HAAAAAAeAI7GYyF-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAKUqM0AKA4FN7isnxOJ7_l5g8AgAcFEAAAAQwSgAG3phIACbKwEwAAAAAAAAAAlv____8YgL2AaRmAC8CxHoAHH4AHogLFIkYAAAAAW8d2SkeTOqGyqAIAIEi3ArgCAAjok8DxLwoDAAAIEJO9n91VZX-IGVugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCPVwpaUEkUexqv4AAAGu_gAAAbOoGAPAmABdygYFoOh0-171e9_vd9Q673a7xu_0yl8lleZjdGr_rcnrrLSeX5fOWOE0uu-ct8lvdor9bc_ob3irj6fLwmJ52n1vkMD3cMsvf7RYc_XaX5623uQWXv9XlMb1lL8vT9PC8ZX7X3eSyvKUOt8vz1ntdLpvLLzqCVgwGq1OI3XC22I0Wu8HsAAAAAO7-____8WTvZ3dV2R9i9EDGMlrZRiubcTAZGWYrk8kxW84mo9Vw49jNLKaV9zhlZisx0BMR-gIR9yLyux1Ou0U6kAhNp8Pnutfrfr-73mG32zV-t0UskKiMh5fl6XbZTRfpQCJ3mX5_y9dfctkcrrPpIhZIBH_P0_T02y3SgUTiN53-botYINEc_ZbT3eF2WaQDid5ht1vEAonsYXk67KaLdCCROcxm09Hyd_2MFvX9JmwxWk0mm-VwtlxMBsPRcDTan0CuBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCBOW4WiwWK3cCsNm5hZNHB63cLjZrSWL3WiyGCxXDo9xLXp9TMfhbrYbDLcoGPC3F8FFOhE5PY_X5617mnwu01vvsNstYonmZJFOZJd9xzJa2UYrm3EwGRlmK5PJMVvOJqPVcOPYzSymlb9hGY4Gi9XKrTBsZm7RxOFxC4eb3Vqy2I0mi8Fy5fAY16LXx3Qc7ma7wXDfmG1ms-FwMhvtG7PNbDYcTmajfYfJ9Ex9zkbTX2PwmLzRaDWklJkPCpfB4v1JTItpd3bw_H5Hp8oZeRZ0RuHle_QaFJ6DRzUdn_0617j6tVZU3oNBEUsEp4t0InoZTxexRPK0SCfKmc23nFgcC4trMZzZbM7ZyLMxOVwb22DmMDlcE7FEabpIJ3qZy-SyPMxujd91Ob31lpPL8nlLnCaX3fMW-a1u0d-tOf0Nb5XxdHl4TE-7zy1ymB5umeXvdguOfrvL89bb3ILL3-rymN6yl-VpenjeMr_rbnJZ3lKH2-V5670ul81lUf-xIRdzxXI5VyyGc91olQAAAAAAAAAAljBn3gQAAADgNJDJaDhaLRcAAmdRFxgEAAAAAABg9x5silJb5uuiuPFjCXJ6Hq_PW_c0-Vymt95ht1sZ4MFpkXmzZ4JYq9WyBgAAEMAGAAAIyM6tm7eAMEsO!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=3&sd=undefined&dtagid=1205345&dpubid=224845&abtst=adh5c-1_vA!adh5c_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.oann.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e4e3e8d170cfa0ec8b64e71fa0dee3cb97ab2f20d7bfe2d11745bfc15c46df30

Request headers

Referer
https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:55 GMT
content-encoding
gzip
server
nginx
machineid
1431
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
user
ads3.admatic.com.tr/ Frame A8AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadmatic%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1febdac1a0e64b97a0fb4a1976418a77&ssp=admatic&bsw_param=ca55ffaf-b038-4845-a074-417fa5b634be&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 12 Nov 2021 03:37:55 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=ca55ffaf-b038-4845-a074-417fa5b634be&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
sync
app.retargetly.com/ Frame 0AFA 		68 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=e626618d-e18b-4900-b346-8a6c848cdf60&pid=10
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:118d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6accb97e1e23699f-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0
img
pixel.mathtag.com/misc/ Frame 0AFA 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=476085&check=e626618d-e18b-4900-b346-8a6c848cdf60&mop_top=
Requested by
Host: www.oann.com
URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 -, , ASN (),
Reverse DNS
Software
MT3 4067 88cc6bf master cdg-pixel-x8 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=e626618d-e18b-4900-b346-8a6c848cdf60&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 12 Nov 2021 03:37:56 GMT
Server
MT3 4067 88cc6bf master cdg-pixel-x8 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 12 Nov 2021 03:37:55 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9A28 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:37:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/ Frame AC69 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2fa34589ee4951549fdcd733d7f36ab1c6f68179b0a1b50b98729dae05979228

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 12 Nov 2021 03:37:57 GMT
content-type
text/html;charset=utf-8
content-length
1241
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.1.21
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
pixel
cm.g.doubleclick.net/ Frame AC69 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YWUxZWY5ZGJjYzYzYjEzYTY0OTRhY2Q3ODU4MzZjMjI
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=380886670/tpid=7051991869510472897/ Frame AC69
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=380886670%2Ftpid%3D%24UID%2Ftp%3DANXS
  • https://sync.crwdcntrl.net/map/c=281/rand=380886670/tpid=7051991869510472897/tp=ANXS
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/rand=380886670/tpid=7051991869510472897/tp=ANXS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.8
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 12 Nov 2021 03:37:57 GMT
X-Proxy-Origin
91.199.118.74; 91.199.118.74; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fe5e1714-fd3f-43bb-932a-6ea352f667b7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/rand=380886670/tpid=7051991869510472897/tp=ANXS
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame AC69 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame AC69 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=2365734668697577057
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame AC69
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/ae1ef9dbcc63b13a6494acd785836c22/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2365734668697577057
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2365734668697577057
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.8
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2365734668697577057
pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tpid=ec120d2c-953c-4462-a438-5fad45f00277
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame AC69
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=ae1ef9dbcc63b13a6494acd785836c22&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ec120d2c-953c-4462-a438-5fad45f00277
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ec120d2c-953c-4462-a438-5fad45f00277
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=552559904/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.oann.com/rt=ifr
Protocol
H2
Server
52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Nov 2021 03:37:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.179
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ec120d2c-953c-4462-a438-5fad45f00277
date
Fri, 12 Nov 2021 03:37:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
images.taboola.com
URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5e43de85e66e491de5f9be50927ee166.png
Domain
images.taboola.com
URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/34ae3d8438b9f0684092dd84dd25fdb9.jpeg
Domain
aux-log2-ah.adtelligent.com
URL
https://aux-log2-ah.adtelligent.com/scoring/request?cmpId=&scoring_type=20&adId=39B6835BB354F397&aid=500592&pubId=305453&sid=&width=300&height=250&env=desktop&country=61&domain=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&app_bundle=&app_name=&cb=1757793634&sas_id=157
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=dcd0568f-0725-4172-8200-f3ef41aa761a
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=0726f4b9-e46b-4137-a1a7-ad37aab9b12d
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABn3kU3ZN4YFHSZk
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABn3kU3ZN4YFHSZk
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABn3kU3ZN4YFHSZk
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=b0dee3192cad4487afdc03251ae66aa7
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=b0dee3192cad4487afdc03251ae66aa7
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=W2qGeL8bz5ifzoFgKTYZ8pRfsaKvFC5iTcCxYD7t0qNWBKFZWY9INVgP5vsVMiZUihLw86pERq9zpZAGa-BEPA
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABn3kU3ZN4YFHSZk
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Domain
s.adx.opera.com
URL
https://s.adx.opera.com/ortb/v2/pub5644548548544?ep=ep5644764124224
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=ae1ef9dbcc63b13a6494acd785836c22
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=c5b33dd8-fbfd-4a05-badc-d38f5c8aa507
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/340/2/8.gif?puid=37127328274913860432154452890004927553&gdpr=1&gdpr_consent=
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=9g0j12fACH6DwS0AE7Em&pi=admatic
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=1034124019680978443
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABn3kU3ZN4YFHSZk
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=b0dee3192cad4487afdc03251ae66aa7
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ABn3kU3ZN4YFHSZk
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| gtm4wp_datalayer_name object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| ExactMetricsDualTracker function| gtag function| __gaTracker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope object| googletag object| dataLayer_content function| documentInitOneSignal function| OneSignal string| QP object| qp object| countVars string| disqus_shortname object| embedVars string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_title undefined| disqus_config_custom function| disqus_config object| wparest object| addComment object| wpa object| wp object| cookieconsent object| headEl object| styleEl string| styleOverload object| FB object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData string| pxft_clear_cache_flag undefined| pxft_first_init_activated undefined| pxft_dev_debug_mode_in_pub_env_active_url string| zoneId_pxft string| affId_pxft string| widId_pxft string| widPlace_pxft object| pxft_widget_controller_class function| pxftInitAddStoryPlus number| infolinks_pid number| infolinks_wsid object| __twttrll object| twttr object| __twttr object| DISQUSWIDGETS undefined| disqus_domain number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| _ldStickyConfig object| ldAdInit object| $iceboot object| INFOLINKS object| DISQUS function| disqus_recommendations_config number| google_srt object| google_logging_queue object| google_ad_modifications object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots string| google_user_agent_client_hint boolean| _ldStickyRendered object| _ldAdIdMap function| _typeof object| $ice object| $infolinks object| DISQUS_RECOMMENDATIONS function| getCookie object| ad_data object| data object| TRC number| taboola_view_id object| cmTag function| webpackHotUpdate function| startCMTagMain object| _taboola object| _mNDetails number| lnt_z function| pixFutureAdvertisementEnvironment object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| _cwpixChunk object| _cwpix object| _pbjsGlobals object| mnet

190 Cookies

Domain/Path Name / Value
www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe Name: logglytrackingsession
Value: 9cd83fcc-6a6a-40bb-8603-4528610395a3
www.oann.com/ Name: AWSALBTG
Value: TwqZaf6g8FAquHuW+YnOYCTNRdsSFBIoK4K9YC6T3sCk/GVS8z4j26LsvLZnHNW+8Hb+XIgHFdNedIX+FOyHyADcE7uKHfEiMzqB3CemmSwlaM28tkLLYLzqgb3CnA6Y/+hSDg/xvmg3VPyCmrLL7bRQSCUxJt4rvQ62JxGAE223+IKf0Ps=
www.oann.com/ Name: AWSALBTGCORS
Value: TwqZaf6g8FAquHuW+YnOYCTNRdsSFBIoK4K9YC6T3sCk/GVS8z4j26LsvLZnHNW+8Hb+XIgHFdNedIX+FOyHyADcE7uKHfEiMzqB3CemmSwlaM28tkLLYLzqgb3CnA6Y/+hSDg/xvmg3VPyCmrLL7bRQSCUxJt4rvQ62JxGAE223+IKf0Ps=
www.oann.com/ Name: AWSALB
Value: /OpFfNjZEZ+12jfKZUi5h33c8Rbs+MNnwI1I50O3h2pHNkpLQ2V5CrmNWMtrYshopb4+ruQFnx7ZO6dfxEHtrrmRuNzvfb9NimSNnulmU7migkUxPAiQ7XJJcgas
www.oann.com/ Name: AWSALBCORS
Value: /OpFfNjZEZ+12jfKZUi5h33c8Rbs+MNnwI1I50O3h2pHNkpLQ2V5CrmNWMtrYshopb4+ruQFnx7ZO6dfxEHtrrmRuNzvfb9NimSNnulmU7migkUxPAiQ7XJJcgas
.oann.com/ Name: _ga
Value: GA1.2.117753250.1636688263
.oann.com/ Name: _gid
Value: GA1.2.739424706.1636688263
.oann.com/ Name: _gat_gtag_UA_98105905_1
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBIfhjWECELguTJcPfdPmUhEPXSu0HkgFEgEBAQEzj2GXYQAAAAAA_eMAAA&S=AQAAAtwteDLq9EIqnPB6GrNBcEk
.casalemedia.com/ Name: CMID
Value: YY3hh-hBgT.uGKmO4CBSjQAA
.casalemedia.com/ Name: CMPS
Value: 5225
.advertising.com/ Name: APID
Value: UPe54983f6-4369-11ec-a004-02c1570f7238
.openx.net/ Name: i
Value: b3d880c4-ef01-4b4f-a190-5b320a1a2ae1|1636688263
.adnxs.com/ Name: uuid2
Value: 7051991869510472897
.oann.com/ Name: __gads
Value: ID=7a2f33326af15082-22460f4655cb0048:T=1636688263:S=ALNI_MYoDdZID8ASaftpf8b1oJO7x-F78w
.casalemedia.com/ Name: CMPRO
Value: 1130
.yahoo.com/ Name: APID
Value: UPe54983f6-4369-11ec-a004-02c1570f7238
.yahoo.com/ Name: APIDTS
Value: 1636688264
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
.doubleclick.net/ Name: IDE
Value: AHWqTUnGSlPYtRWSXLo4YcuWSsZoKanUnV7We_prJaB2g86YDMkm2x9p4EUl2KjXdu0
.adsrvr.org/ Name: TDID
Value: c6f7b90a-8be6-489e-aed8-3443d34fbebe
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-M2iu6oNE2uH9BCA7nc0lZZ320v3ogD.GRbxXZoA-~A
.infolinks.com/ Name: OXUSERCOOKIE
Value: 4be39d0c-5552-4334-ba89-a428969abc89
.lijit.com/ Name: ljt_reader
Value: f84f02358cfc80548d3f33c7
.infolinks.com/ Name: ANUSERCOOKIE
Value: 7051991869510472897
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-KhzSmu1E2uH3tu0eyeeWQGgQucq1QaOI~A~UPe54983f6-4369-11ec-a004-02c1570f7238
.tynt.com/ Name: uid
Value: a1RuDWGN4YimUmRwYEt6nQ==
.cpx.to/ Name: cpSess
Value: 6cfaa0481f9babe5
.cpx.to/ Name: dsp_app_nexus
Value: 7051991869510472897#1636688264209
.pubmatic.com/ Name: PUBMDCID
Value: 3
.infolinks.com/ Name: IXUSERCOOKIE
Value: YY3hh-hBgT.uGKmO4CBSjQAA&1130
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%22%7D
.scorecardresearch.com/ Name: UID
Value: 1QY7MWRDUI04VTDGEQPQ4Qg1636688264
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: ""
.infolinks.com/ Name: KADUSERCOOKIE
Value: F7758E58-A6FE-4EE5-A3E4-8A9A780B336D~1636688350838
.eqads.com/ Name: EQUser
Value: UID=0c139b8f-e206-4a41-8b45-759e91db200a
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: F7758E58-A6FE-4EE5-A3E4-8A9A780B336D
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: f84f02358cfc80548d3f33c7
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
www.oann.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Da284015e-a03f-4bac-8837-21742109eac8-tuct8876708
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrS0NDS3MDc2NDQxMDCyNDM2NhPiM9SNyPOKSskMcCwxiLCQ4jU0MzYzs7AwMjMxt7AEABJqXSE0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrS0NDS3MDc2NDQxMDCyNDM2NhPiM9SNyPOKSskMcCwxiLAAADhRLi0lAAAA
www.oann.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.oann.com/ Name: _lr_retry_request
Value: true
www.oann.com/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2C%9rNVK:!@wnf-Te9(>wL5L!!'0i$V4<2
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 1991787311400296336
www.oann.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22c6f7b90a-8be6-489e-aed8-3443d34fbebe%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-12T03%3A37%3A45%22%7D
.adx.opera.com/ Name: UID
Value: e2bc6fe82f7441b486ad9edae3a07ac5
disqus.com/ Name: __jid
Value: 65skr1f3rabs18
.disqus.com/ Name: disqus_unique
Value: 65skr7j38ph8s2
.rubiconproject.com/ Name: khaos
Value: KVVTXO0H-1B-H0V7
.rubiconproject.com/ Name: rsid
Value: 1|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.admixer.net/ Name: am-uid
Value: 1febdac1a0e64b97a0fb4a1976418a77
.spotxchange.com/ Name: audience
Value: e67ad1e9-4369-11ec-b9ca-18b2794d0206
.adtelligent.com/ Name: vmuid
Value: c67d3b015d24dc04
.taboola.com/ Name: t_gid
Value: 99df2d6b-f89a-491a-82d2-cd98d43c0b1a-tuct8876709
js.ad-score.com/ Name: token
Value: ylXkHyRYRuznr-1kbp-qhhnHFbQtvAVt
.media.net/ Name: gdpr_status
Value: 1
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ABn3kU3ZN4YFHSZk
.360yield.com/ Name: tuuid
Value: 869d1979-d4d7-48b6-8296-b1c99ad5eb73
.360yield.com/ Name: tuuid_lu
Value: 1636688266
prebidserver.pixfuture.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG1peGVyb3BlbnJ0YiI6eyJ1aWQiOiIxZmViZGFjMWEwZTY0Yjk3YTBmYjRhMTk3NjQxOGE3NyIsImV4cGlyZXMiOiIyMDIxLTExLTI2VDAzOjM3OjQ2LjE0NDE2NjQ1WiJ9fSwiYmRheSI6IjIwMjEtMTEtMTJUMDM6Mzc6NDYuMTQ0MTUzODk4WiJ9
www.oann.com/ Name: pmtimesig
Value: [[1636688265861,0]]
.media.net/ Name: visitor-id
Value: 2796898669860212000V10
data.ad-score.com/ Name: token
Value: YMldWzTEvEPPp-tbcs-ZQnABjAxGyTZr
.bidswitch.net/ Name: tuuid
Value: ca55ffaf-b038-4845-a074-417fa5b634be
.bidswitch.net/ Name: c
Value: 1636688266
.bidswitch.net/ Name: tuuid_lu
Value: 1636688266
.creativecdn.com/ Name: u
Value: 9g0j12fACH6DwS0AE7Em
.creativecdn.com/ Name: ts
Value: 1636688266
.openx.net/ Name: pd
Value: v2|1636688267|gekin0vNiygu
.admanmedia.com/ Name: admtr
Value: 8905320fd96316601b5036f2c7ff5ee29069c9b4
.zeotap.com/ Name: zc
Value: 74fce569-a1fb-458a-4d4b-310e90dafe31
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YY3hiwAAAbzr6wBG
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 156631:3
.pubmatic.com/ Name: DPSync3
Value: 1637884800%3A201_197_219%7C1636761600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1637884800%3A220_161_71_165_231_81_176_54_8_166_238_22_234_99_88_189_21_7_56_230_204_222_13_3_55%7C1637971200%3A35%7C1637280000%3A15_2_223%7C1639267200%3A203%7C1637539200%3A63
.adform.net/ Name: C
Value: 1
.adscale.de/ Name: uu
Value: b0dee3192cad4487afdc03251ae66aa7
.mathtag.com/ Name: uuid
Value: e626618d-e18b-4900-b346-8a6c848cdf60
.quantumdex.io/ Name: uid
Value: f5da6221-280f-4c52-ae01-77e4f57e7ed5
.adform.net/ Name: uid
Value: 1034124019680978443
.agkn.com/ Name: ab
Value: 0001%3ADDgVKXHeYpeILNkxVXp5qBaY1IGwpSw4
.richaudience.com/ Name: avcid-zeo-uid
Value: 74fce569-a1fb-458a-4d4b-310e90dafe31
.smadex.com/ Name: smxtrack
Value: fe0ddc46-6c7a-4dd8-a657-5157ab353f6f
.tapad.com/ Name: TapAd_TS
Value: 1636688267577
.tapad.com/ Name: TapAd_DID
Value: ec120d2c-953c-4462-a438-5fad45f00277
.adfarm1.adition.com/ Name: UserID1
Value: 7029522580518533270
.weborama.fr/ Name: AFFICHE_W
Value: 6lyBfV5rAEvq59
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.turn.com/ Name: uid
Value: 2365734668697577057
.tidaltv.com/ Name: tidal_ttid
Value: bde59542-35d0-4d0b-9379-d1802b89ac9e
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16950%3b%24o%3d11100
.demdex.net/ Name: demdex
Value: 37127328274913860432154452890004927553
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YY3hiwAAAbzr6wBG&KRTB&22978-YY3hiwAAAbzr6wBG&KRTB&23194-YY3hiwAAAbzr6wBG&KRTB&23209-YY3hiwAAAbzr6wBG
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7029522580518533270
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: a3afa4c7d8a1717c24f9e5c055497ba8e77c70734474352b729f4d8ad64748ce
.simpli.fi/ Name: suid
Value: 8AC5227B8F2D4D5C8108AA8B2418A4EF
.erne.co/ Name: u
Value: 5EUJvoksFrJIRubrTtzNXzX5
.onaudience.com/ Name: cookie
Value: 791808e36d706488
.onaudience.com/ Name: done_redirects219
Value: 1
.bidr.io/ Name: bito
Value: AATrDk7DG8MAAD0EfyumLw
.bidr.io/ Name: bitoIsSecure
Value: ok
.de17a.com/ Name: guid2
Value: 1.4178678748820002827
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-5EUJvoksFrJIRubrTtzNXzX5
ads.playground.xyz/ Name: connect.sid
Value: s%3AbDrJBdgTcFhxTb3gOKy6YoWIFHzP9iKy.89JKKLGQJ8EgUFuTglfT2sO1qacP6RUKbI6m0mMT8GI
.iprom.net/ Name: UID
Value: 188361944838372
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-d09719eb-9e0b-4fa7-b0cf-b78a75f3cf54-003
.smartadserver.com/ Name: pid
Value: 1193297337061439951
.smartadserver.com/ Name: pdomid
Value: 18
.pubmatic.com/ Name: KRTBCOOKIE_1277
Value: 23327-188361944838372
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjQ2sTK0MAIA4mVolgkAAAA="
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.adsby.bidtheatre.com/ Name: __kuid
Value: 4be53025-df31-49af-be1a-b56284350068.405902267
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4178678748820002827
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGlm5kMxiRmVI3zl98Nic6c&KRTB&16514-CAESEGlm5kMxiRmVI3zl98Nic6c&KRTB&23025-CAESEGlm5kMxiRmVI3zl98Nic6c
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7051991869510472897
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1034124019680978443&KRTB&23263-1034124019680978443
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2365734668697577057
.dpm.demdex.net/ Name: dpm
Value: 37127328274913860432154452890004927553
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.krxd.net/ Name: _kuid_
Value: OegNzdQw
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c6f7b90a-8be6-489e-aed8-3443d34fbebe&KRTB&22918-c6f7b90a-8be6-489e-aed8-3443d34fbebe&KRTB&23031-c6f7b90a-8be6-489e-aed8-3443d34fbebe
.rqtrk.eu/ Name: browser_id
Value: 1:eeb359ba-bbf4-488a-b902-f90d1d92215f
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e626618d-e18b-4900-b346-8a6c848cdf60&KRTB&16736-uid:e626618d-e18b-4900-b346-8a6c848cdf60&KRTB&23019-uid:e626618d-e18b-4900-b346-8a6c848cdf60&KRTB&23114-uid:e626618d-e18b-4900-b346-8a6c848cdf60
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2534e355-8d2a-4b92-6d71-5baca1e710d7.btytIcStjV1s3y3bG0qvpFk2pKo7nqp5BOK2cRWaTow
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-2534e355-8d2a-4b92-6d71-5baca1e710d7%24ip%2491.199.118.74.2IZR%2FML974Fay7hgm1NiPN7eHqHZUfFeFDPHCuTzBlc
.analytics.yahoo.com/ Name: IDSYNC
Value: "192u~21hf:18xp~21hf:192m~21hf:18z8~21hf:192w~21hf"
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: ae1ef9dbcc63b13a6494acd785836c22
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEw1TE2zTElKTjYzTjI0TjQzsTRJTE4xtzC1MDZLNjJiAILE3ofdIBoKAHVMC50%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI7H3YDaSgAAAdDgJb"
.id5-sync.com/ Name: callback
Value:
.sharethrough.com/ Name: stx_user_id
Value: 5ee363ec-65cc-449b-b60a-7f7f20c864da
.fwmrm.net/ Name: _uid
Value: "e3d5b_7029522584806888373"
.tribalfusion.com/ Name: ANON_ID
Value: aHnseFolXVjQuWx7J3gJHk9ZdrOtAIbc9ka292sZbrkFjcMNSaQiDEZdarXORE5IZdMR0fq6U8VwrROZd3bv73icy
.casalemedia.com/ Name: CMST
Value: YY3hh2GN4YwA
.zeotap.com/ Name: zsc
Value: Q%CE%FB%0C%10ixy%F4%40Q%F1%99%A7%A1%99%5C%2C%92-%FD%3B%CEeX%93%3D%21H%C0%B6LA%2A%24e%A1%97%F5v%BC%A3e%E7%C6%9C%E4%AE%FB%B1%ECW%AB%BA9%0F%E6%22H%15%FD%8C%15%3A%99V%FB%89%DB%C3%91%E3%D3%CE%60_%D0R%DF%A7%AF%BDg%EF%E6%CCB%81%A5%0A%EA%3E%97%F2h%D5%21%5BdL%10Qd%02%04%A4%98%3D%05T%B1%3B%E1nF%A7%CBK%3A%B9%AD6X%268Cb%C8%28%FC%BD-%96%B4%BFx%15c%7CD%5E83%F2%12%F8%E5%D5%18%EBR%DF2%FF%2C%D1%E2%0D%C6%CE%29f%D9
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ca55ffaf-b038-4845-a074-417fa5b634be
.pubmatic.com/ Name: PugT
Value: 1636688268
.w55c.net/ Name: wfivefivec
Value: LlpRG4f11MLnnS5
.id5-sync.com/ Name: 3pi
Value:
.w55c.net/ Name: matchcasale
Value: 5
.owneriq.net/ Name: si
Value: Q6899746681820172104
.owneriq.net/ Name: p2
Value: cc
.acuityplatform.com/ Name: auid
Value: 621636589522
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBPkRHEGiCmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT5ERxBogo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.id5-sync.com/ Name: id5
Value: 344063d4-d9e7-452e-9374-984bb87217fc#1636688200857#3
.ctnsnet.com/ Name: cid_85f7bf4f457c40a9be37d17b39dda0d9
Value: 1
ads.stickyadstv.com/ Name: UID
Value: ca13c73c8557c1ea999aa5f7ee61c97
ads.stickyadstv.com/ Name: sessionId
Value: 84ebc276efe1a0db2d3454217546f2e
ads.stickyadstv.com/ Name: uid-bp-34673
Value: YY3hh-hBgT.uGKmO4CBSjQAA&1130
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 485a810d-9b8f-4f0e-b9d0-5b5a9c7c902a
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 0wzCldx9AbA8aPNe9zf2JOKLLrDJy2axoYp%2Fgp4ZjHYIo20iy8IJ%2B%2BpNJg3oldFJv3HSEQCafSkkCvTRSpzBEg%3D%3D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmxmZmFhZGZhbmK8ShzBNzG3sAQAas977iAAAAA
.casalemedia.com/ Name: CMRUM3
Value: bc618de18b05a00&bf618de18c05a0&98618de18c2760fb11b811-7f6b-44fa-b783-950c97ba75f9&c4618de18c05a0&29618de18b05a0&51618de18c05a0&39618de18c27601991787311400296336&05618de18c05a0&49618de18b05a0&5a618de18c05a0&be618de18c05a0&2f618de18c2760LlpRG4f11MLnnS5&b0618de18b05a00&33618de18705a0&c3618de18c2760av-100b4fc9-99f8-4b85-97b9-d02dd4a6b1c1&f1618de18705a0&04618de18b27602365734668697577057&08618de18b05a00&0a618de18c2760621636589522&ee618de18c2760&e6618de18b2760&ef618de18c05a0&dd618de18c2760&58618de18c05a0&ce618de18c05a0&28618de18827600c139b8f-e206-4a41-8b45-759e91db200a&41618de18b05a0&27618de1870b40&69618de18c05a00&6f618de18c05a0&1f618de18b05a00&82618de18ca8c0&2d618de1882760CAESEDNsXh2tMPR6aZuAd9_tMaI&7b618de18c2760JTTjVY0qS5JtcVusoecQ11vHdko&2e618de18c05a0&40618de18c2760no-consent&da618de18b2760&9c618de18b05a00&03618de18c2760e626618d-e18b-4900-b346-8a6c848cdf60
.criteo.com/ Name: uid
Value: 59a0fd47-78f2-4211-9c1f-b57eb8662cd2
.adscale.de/ Name: cct
Value: 1636688269106
.scoota.co/ Name: tuuid
Value: 250d99ff-4f19-41bf-9933-7171b6bc8197
.scoota.co/ Name: c
Value: 1636688269
.scoota.co/ Name: tuuid_lu
Value: 1636688269
.m6r.eu/ Name: test
Value: true
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 6d5f484226af83dfdde56afc72d45dddd2d42137481faa4e016eb129cc21a476
.m6r.eu/ Name: cct
Value: 1636688269228
.m6r.eu/ Name: id
Value: 04c4e7fa811ab4a9976792abbb0dc1e6
.ih.adscale.de/ Name: tu
Value: 4#2990083672#48~04c4e7fa811ab4a9976792abbb0dc1e6~454635~0~0#101~~454635~454635~2#39~e626618d-e18b-4900-b346-8a6c848cdf60~454635~0~0#40~59a0fd47-78f2-4211-9c1f-b57eb8662cd2~454635~0~0#42~1034124019680978443~454635~0~0#75~7051991869510472897~454635~0~0#108~e626618d-e18b-4900-b346-8a6c848cdf60~454635~0~0#63~YY3hh-hBgT.uGKmO4CBSjQAA&1130~454635~0~0
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiIheDA-uWSOhAFEhgKCWJpZHN3aXRjaBILCKq5g9D65ZI6EAUYASABKAIyCwiqsYb9kOaSOhAFOAFaCWJpZHN3aXRjaGAC
.creative-serving.com/ Name: tuuid
Value: ea42f397-30e5-42ff-b633-a265db3204f7
.creative-serving.com/ Name: c
Value: 1636688269
.creative-serving.com/ Name: tuuid_lu
Value: 1636688269
.pubmatic.com/ Name: SPugT
Value: 1636688269
www.oann.com/ Name: _pubcid
Value: 5ae18910-b3eb-416a-bfbf-9c59cd227aa4
www.oann.com/ Name: cto_bidid
Value: kS5YgV9samNMNlplJTJGYTJKZUxUSWVxMnIlMkZZRTJoY0pkMVdqeTlGb1liVm5SNFJob0c1ZXVPSDBsSmNQdlglMkZaOHloTnZQaEslMkZFazJJejMlMkJhWm80aCUyQjl4QWtzczVCRFdpZ0FsM2hRTWZDd3M5dm5udyUzRA
www.oann.com/ Name: cto_bundle
Value: Dp3gR19CSFg1Znp5WnBYVGd3NkFRNlkxZmJFSzFEZFl0b01sb3UlMkY2VGY4ZmZBWExtSkxPaG42UzJud3ZiYW1SQ2RqWnBuckc1Q1NGc0hFRnU4ajhoWCUyRlJuZFJoSG9mQVZkNEwlMkJYSmswbFQ1N2VUbXBtMUtabzdoNFF0WnFkNFdhVmRvZlFaZ01VZ0FwNzJyakFSb0tiVEpEbmclM0QlM0Q
.go.sonobi.com/ Name: HAPLB5A
Value: s56132|YY3hk
.adnxs.com/ Name: icu
Value: ChgI3sJXEAoYAiACKAIwjsO3jAY4AkACSAIQjsO3jAYYAQ..
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggG0fBGwtx48QFx6rhvmHaJKjYTFocZQy6uZ_Dn94038kpcRXAVFOf9dw
.gumgum.com/ Name: vst
Value: e_bee7f5ba-0941-47a7-ac46-c27fb81a1b49
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo+y2INraU+Z6Q/Fn9jJ2Tlph+Ceuqbr/f24WPzaViPwUos1AfStxCi3oyl1M4TyBDAUJ+gL7gixUQapqKP+myFAizhfkn5jms=

52 Console Messages

Source Level URL
Text
network error URL: https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://www.oann.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://aux-log2-ah.adtelligent.com/scoring/request?cmpId=&scoring_type=20&adId=39B6835BB354F397&aid=500592&pubId=305453&sid=&width=300&height=250&env=desktop&country=61&domain=https%3A%2F%2Fwww.oann.com%2Ffederal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe%2F&app_bundle=&app_name=&cb=1757793634&sas_id=157
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?redir=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?redir=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=74fce569-a1fb-458a-4d4b-310e90dafe31&reqId=7a93850a-2288-44dc-46b8-44a249f537ec&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=b0dee3192cad4487afdc03251ae66aa7
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=b0dee3192cad4487afdc03251ae66aa7
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=W2qGeL8bz5ifzoFgKTYZ8pRfsaKvFC5iTcCxYD7t0qNWBKFZWY9INVgP5vsVMiZUihLw86pERq9zpZAGa-BEPA
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YY3hh-hBgT.uGKmO4CBSjQAA%261130&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
security warning URL: https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/
Message:
Mixed Content: The page at 'https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/' was loaded over HTTPS, but requested an insecure element 'http://www.example.com/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://cdn.pixfuture.com/pbixcw.js
Message:
Mixed Content: The page at 'https://www.oann.com/federal-court-orders-bidens-doj-to-stop-extracting-data-from-phones-of-project-veritas-founder-james-okeefe/' was loaded over HTTPS, but requested an insecure frame 'http://www.example.com/'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=59aa3052-ff19-4751-90ca-53cfef66db91
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7051991869510472897
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=f84f02358cfc80548d3f33c7
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=869d1979-d4d7-48b6-8296-b1c99ad5eb73
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?redir=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YY3hh-hBgT.uGKmO4CBSjQAA%261130
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=ae1ef9dbcc63b13a6494acd785836c22
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=b0dee3192cad4487afdc03251ae66aa7
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id5-sync.com/c/441/340/2/8.gif?puid=37127328274913860432154452890004927553&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.adaptv.advertising.com
ads.avct.cloud
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yahoo.com
ads01.groovinads.com
ads3.admatic.com.tr
ads4.admatic.com.tr
ads57.adtelligent.com
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
apex.go.sonobi.com
api.retargetly.com
api.rlcdn.com
app.retargetly.com
aud.pubmatic.com
aux-log2-ah.adtelligent.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
biddr.brealtime.com
brain.rvty.net
bttrack.com
c.disquscdn.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
c3.taboola.com
casale-match.dotomi.com
cdn.admatic.com.tr
cdn.adnxs.com
cdn.onesignal.com
cdn.pixfuture.com
cdn.syndication.twimg.com
cdn.taboola.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cds.taboola.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
connect.facebook.net
content.jwplatform.com
contextual.media.net
core.iprom.net
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d.turn.com
d2pggiv3o55wnc.cloudfront.net
d5p.de17a.com
d75550029ba183372abcd49096ced8df.safeframe.googlesyndication.com
data.ad-score.com
de.tynt.com
dis.criteo.com
disqus.com
dmp.adform.net
dmp.brand-display.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dzm0ugdauank9.cloudfront.net
engine.widespace.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
g2.gumgum.com
ghb.adtelligent.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
hnwebcontent.s3-us-west-1.amazonaws.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
js.ad-score.com
js.adscale.de
js.cookieless-data.com
lg3.media.net
loadeu.exelator.com
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
oann-push.s3-us-west-2.amazonaws.com
oann.disqus.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onesignal.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixfuture-inv-nyc.admixer.net
pixfuture.technoratimedia.com
pixfuture2-d.openx.net
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
qsearch-a.akamaihd.net
r.scoota.co
referrer.disqus.com
res-a.akamaihd.net
resources-rt.idx.lat
resources.infolinks.com
router.infolinks.com
rt.idx.lat
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.adx.opera.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.cpx.to
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.poll-maker.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
syndication.twitter.com
taboola-supply-partners.tremorhub.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
tempest.services.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usermatch.targeting.unrulymedia.com
vidstat.taboola.com
visitor.fiftyt.com
warp.media.net
wf.taboola.com
ws.rqtrk.eu
www.example.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.oann.com
www.privacypolicies.com
x.bidswitch.net
api.rlcdn.com
aux-log2-ah.adtelligent.com
global.ib-ibi.com
id5-sync.com
images.taboola.com
pixel.quantserve.com
s.adx.opera.com
sync.adtelligent.com
sync.console.adtarget.com.tr
104.111.215.191
104.111.218.85
104.111.242.245
104.111.242.53
104.154.142.214
104.17.120.107
104.22.34.177
104.244.42.72
104.92.74.8
13.225.78.128
13.32.121.17
130.211.115.4
132.226.41.106
135.125.160.160
141.226.224.32
141.226.228.48
142.250.185.130
142.250.185.162
142.250.186.162
143.204.101.81
146.0.227.109
146.59.148.16
151.101.128.134
151.101.130.49
151.101.193.108
151.101.193.44
152.199.22.191
154.59.122.79
157.245.94.128
162.55.233.29
162.55.6.210
169.50.137.182
172.66.41.9
173.231.180.197
174.137.133.49
178.162.133.149
178.162.133.150
178.250.0.157
178.250.0.163
178.62.202.251
18.156.0.31
18.184.122.71
18.193.90.196
18.195.155.181
18.210.180.232
18.66.112.87
185.183.112.155
185.239.173.210
185.29.134.244
185.33.221.184
185.64.189.112
185.64.189.229
185.64.190.79
185.64.190.80
185.86.137.131
185.86.139.95
185.94.180.125
188.132.147.235
192.132.33.46
192.229.233.25
195.5.165.20
198.47.127.19
198.47.127.20
198.8.71.129
199.232.192.134
199.232.196.134
199.232.196.64
2.16.186.43
2.16.186.66
2.18.233.201
2.18.234.233
2.18.235.93
2.21.140.74
2.21.141.148
2.21.141.175
2.21.141.232
2001:678:cb4:bbbb::11
204.62.13.72
205.234.175.175
208.100.17.177
208.100.17.186
212.82.100.182
213.155.156.182
213.19.147.42
213.19.147.44
216.52.2.19
23.111.200.118
23.37.42.132
2600:1f18:612b:4232:542e:84b1:1361:c28e
2600:1f18:6593:f606:b0c3:6468:eab1:934c
2600:1f1c:adc:8702:a95e:4e18:d5c4:5ec8
2600:9000:214f:fe00:1:a3fa:7cc0:93a1
2600:9000:223c:9200:b:6268:b880:93a1
2600:9000:223c:9800:9:da2a:f240:21
2600:9000:224a:2200:6:8656:f5c0:93a1
2600:9000:224a:8600:f:4f64:8940:93a1
2600:9000:2250:ce00:a:deb0:3380:93a1
2600:9000:225e:5200:a:cbb7:a940:93a1
2602:803:c003:200::27
2602:803:c003:200::41
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:220:1:248:1893:25c8:1946
2606:4700:10::6816:118d
2606:4700:10::6816:397e
2606:4700:10::6816:4acb
2606:4700:10::ac43:db6
2606:4700:20::681a:5da
2606:4700:20::681a:a9c
2606:4700:20::ac43:46b8
2606:4700:3039::6815:c057
2606:4700::6812:bcf
2606:4700::6812:c05
2606:4700::6812:e134
2620:112:f002:bbbb::23
2a00:1288:80:800::7000
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2001
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:fa8:8806:12::1400
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42:600::300
2a05:d018:24:b002:2591:850:d183:b9b4
2a05:d018:d29:3605:dc78:e42b:b41a:32a0
2a0c:5c81:5139::2
2a0c:5c81:5147::2
3.120.154.132
3.121.27.153
3.125.99.7
3.127.51.194
3.216.236.90
3.223.81.219
3.234.149.51
3.69.177.113
34.102.253.54
34.107.148.139
34.149.20.76
34.206.28.97
34.240.234.119
34.251.73.26
34.98.64.218
34.98.67.61
35.156.156.223
35.157.138.20
35.157.246.167
35.158.25.241
35.186.193.173
35.201.81.244
35.201.96.126
35.227.248.159
35.227.252.103
35.241.40.233
35.244.174.68
37.157.4.28
37.157.5.142
37.252.172.250
37.252.173.215
37.252.173.22
38.27.122.101
38.91.45.7
46.249.52.248
5.178.65.245
5.178.65.252
51.15.145.115
51.75.146.160
51.89.9.251
52.17.35.107
52.17.84.146
52.211.82.61
52.212.206.16
52.214.44.171
52.218.197.161
52.219.112.161
52.223.40.198
52.4.244.165
52.46.130.91
52.86.199.207
52.94.222.140
54.174.249.39
54.217.170.69
54.228.52.99
54.36.109.48
54.77.45.99
54.77.47.243
54.78.254.47
54.81.39.163
54.87.192.123
54.93.162.63
63.33.204.129
66.155.71.149
68.183.31.14
69.173.144.138
69.173.144.165
70.42.32.63
72.251.244.142
77.243.60.138
82.145.213.8
85.114.159.93
87.98.242.60
88.214.206.142
89.163.211.233
89.187.169.47
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
017c24c0a041dd849371f5f5729cd2f4d0924367580ae9ecdb55df31a37c91cc
0196cfc8f556d47bd607f54161d7333ae82128ef857e827e31c512306f9903ac
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02f5363481a4d55b7b47f26b738d5fa53cb048002f7abc1b2b9e92e2971fc7c9
03029f972fd23e76501c39218d0397ce49c8a304199e1c7577c28b7143dd3c16
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
06f89ab9c622f568c59c74a39d4de767e5393c83cc66cffe303448ee90635f0e
07da2935c92c8a4a6a27193384d954a4438c92581d2ca37f12cc05201dba955c
0835e007437d5ddb873d5d886cebf2889e941fcd6f35448ea7eb8d1135226320
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0aac4439e169aeac5ee124b32c7911e6ddcc1f449f1feb5cce5a0c9b74ea5b27
0ab97734a7744ba95b6c3a25f32fc74029cae9a8b0e65b0f7bdeb4d1ba7b2d70
0aef66ae8beacbd1a45728d49fbb1ffd00e3a32df01b917e88ec3774f492203e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c68188eac99450ac0c0d867b1253b2da1ac0cd4748cb79adc18177c8cd11eb6
0ca2c3cee1dda8ca8de830549e62c096abc0b3dde90e58c72378dc451e068bbb
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
0ed1c3286a6ba3c0a33bc718523533985e5251a0be066b9662c4cecea592995b
0ef6bb12ff01a4a03c00ae073a6e3d370654e4901f6885d9a527c9258310affd
10f87e4a89b00cc660c5c2a5c6f5fe66dfd1acff76b974157a14153279561645
11c401a81e32b086bea3798c033009907b429fb601411da6ffc266b78184898a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12aaf2788b6138a9c74705c2d1c2936341d3e7df5a1f090361deb37e445d5eb9
1326c88d831faec75944c75ab8fb61c5e5c18ade4c6a3fa2de16baafdc64ec97
137c0416ec641d0d523a0bd4c8d68d03c3de580545ca756a25255a6532bc5155
139822e4b0e1237d59693b8d48f726883bf1de2d1aef5e5cbb47feafc03577a3
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14b1cedf41b79647670c249f9d36bf7542bf00123f37e386b2b6cf4357bf2a0e
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
14d8652ed0f92c5935b9bab14a9544401ebe915c88707c932771c8d8f810a47a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
162523b35a7ab39f1e12b85b48dc5dc53d51b867c4ac7490a6e1851f72f59b61
16891285b266a3bff718eb9a69c310494b54fc1c0a09634be8eb1644d9d7620e
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1aa48a9de85d1a16d46de251581f3e393675dc13ee98af91e43dd1dee0ef3cf5
1b06f6eded11ff8b7479fc181ceecb377f3513b886274c301b0e92a731311667
1b91dc3d5f6d07d1933b317d9438a9986c835f6a1e7b08353431985339a14b50
1c16d359799173133e18a819d52cc11f512cf022753f70835260515ef8142a1d
1e19cd0114d128362c000a6cc35cd95bc20b8bfd78a637f3cc90a66b86319eca
1e23fb9560e31703b4f578b59d8b95bbaa090e04ed41e03a88809558e433ee00
1e765599e57a6f2aa2cbc16cd2a53d620e4be033ddf93f0ba3ce5adbf037dd20
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2069ee225073a115f31dcfbfc8e645967697bcf1d9b8f56d56b0aed8943d9f93
20a91bd509668238b6af8e16475c5e2611bcd2861d0eec2e0d4f6815e81449bd
2203ba5dbc62526475f18514711d21ee4dd08d411feb7fcdfc2f20184c8ff2e6
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2427ed994cef14dd1cc30416a02b5439ee0201cd32666635fedbe2e67125844a
262e6b45416f835d1aec802b8067d0aed802755980a4ca681b4797d7546da2af
2677df61dcb4f4fe66f3ff2485e53c25c463545841c02470b418b84ac0f927d6
270774d8d3d0a48bbf341155afc69ecd9bc1e0681f7196b1cfc96e82f5b280f6
270b0bec4335dc02366aee6ded737cd4f6700b5b2a313f392deacdfcf9de55c2
279165340fde9c5e5ace9ac2edd77824664af98da8f6e0f55c6b4a7cdea822df
281f947111a733c6009b4fc8381e7d94ff15f0bb6a5f26ef5ebed934543ffae4
282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
29201e2275ecd3faf6436840999293d1c29403a6e6b1d7ad010553c0a91e5e68
2962366af5f14c37bae31a5b4a50c018178b239b00d48bff335e28d4142637f6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c1582c1dab7b77ffca68fec091dddc182e87610ec23245a3086fd44eeb148ac
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f325ae6eba35146be280cb1b42f68dda3d172bc2e0213ac9c35c4452dad1317
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa34589ee4951549fdcd733d7f36ab1c6f68179b0a1b50b98729dae05979228
308120494d42a2dacd0acb8afae08f28abade21a9e73c382339db07b0a001418
3088ffc994cfe5f4d8124fdee9f1d9ee9796d408dc24eabe91f4e3255b24855e
30ad7518daae9ffbd368abe59ea5ee79784e4ef502c36d0db941d4d2a246d5bc
323b6662d9788c619fc12a07918d99a2f0c43fe9913394b0f131bb42c6eef7b3
326d45f48fbcd78c8f93975cbd92fb5b67b062ee4662bc0d9fa5826327aed2f5
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
33aa4838b28dc0e8a3a432547061468fb23b9ea056acee71149f79048f427329
33f61e1b1da141e3e09aea8f1ec365a3e82eaf521c651746acbbae4d0f273ec7
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
348ee38cb62aba4eb75d387a79fc0a7bbb28db6bf01f5e2ee45face1dd843656
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
367b336953d10eea5173c10869a8a0b913a5f473d6a172741d46955afbe9b516
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3728eb45dd0faa881ad853be38741e331181cf409e599c6879c847c55b71fb66
373d499fc663925468122681df40e34455d7883c2c1ebba57aa22990fc38853c
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38e1bf8b6674d1c70125bd849347eb61009d66b5d347151e5f34ec9f5bd0f59a
39c4e9e3a5714108a69e934ef49c8530fdc630018fb4eb109a45ea8b6f8dae8e
3c5f344eb440a1e901820708b5cae5266fa6733f9b94b61f2b42fb680866553e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d79329e6529c7ac5dd55fdbc5221cc4433c2378c5dc1a22dd2d3733df13db05
3e794c04b637d0ab7344e0f70a3c85656bdaf55c59ec00a9ec8c046cfff2f70d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3f485a122de319ec8a3a203958f96f6002aceb4fbb3fc90112ed5d89c33dd453
3f73deee728e30afb499760c87623eb1bf65458f573f365fe0e28d6fd2a83d92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402ad6873594f3308b4c812c4a5e608a6f34a44144d29d6a20a1779675609184
4037ad36db89a971610367dabb16099abf41eb1d29146c2e350e346279426923
4236ada867af85bf8aed5839abd0d5caf64eb90f4e160c8b5f5981a7fa1a538e
432a267b5e20a714faba62a8bb5d8dc1418720c3bb3f30cbcc4de99e4da3d30c
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
45df10c585e01c07a3602ed16c1c6842d2572d6b15bceff9cb1f58256d330e31
45f5114900c291f2b5d4120d6585cefd6bdee557b3349fe7ba6e66d1e65010ed
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b4c01757303b6567b8c984b5667c981225ea2d78b186759d3a70fce56fda6a8
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4d99030f4ae0496cab5c7cdad10c76e87f764fab489fccf954d6c94ce8e68faf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e14ce1bd0d4433eee84cbb16196a7a051126f07af888ef7f9d252120f32f907
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f540b83152e248e6e91fa4a5531491abb7617488015a8f3fd558b0ab123da72
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fdfc2bd71909fabfa4c79a8a6a38cc8b84c701490a598bafe53c4009746e9ce
50220e17cab884e8434ddebac500b7f0954f16911908d2eb70608b8994ec10ae
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51cc0d749aebcaec5b799a00addf02b6850608c3bf5a5146ed58b6debcb5ecd1
534308905b03350e6935979797b8aaa1b096eb48fd80f5ec7e98a262ec01eccc
536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f
54128f43fe22cfade00cfdfc5f1edb418ff90e52d482bd33f6299b3af907f42d
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556172885a172763c715eace05597d5575ee4d4f2df6b61d723f4666b0a730a9
55cef1e7c3d6b5e16e101f3e5d948830aba8dff4a055eacbf02049b94dd8123b
55ec41b5c759372819d3a13fa2683b3d1372d871e445f19952c86a26e6b2ba4a
5831cf65691e9641ba88d67fecf90d415d799b5b8b8f5fcc8627bde2bdea0f87
58cf8489a2f6023e23bd078d2097b544947563d09741fc8e3d877dc7bd03b870
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5a047caf3001106af3953c7a389cc558b150fb54c95add7f26d037ea543b5290
5aff69d480d13dc5ad5001ac0e4bf82abaaf11e822ee3206272d7d8a5f62e4f7
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94
5c8d982e95c7ec847815c750b1948bd3cb2e007cfc04298036fe98f8f6af7756
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f188be3dcb944ab17761f8d70348dd1aaf1b0cdc1737d16f0651013d1a37975
5f22f93097418fecb40a35a45376b92d57e5dcc08fa809470e94b285c8119f60
5f7c01ee2020bb9618cd98b1647ef05d7178606b6676411baa8d3effc0c564fe
5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60baaf4f82b895ab5a9f9947a8aca7148452b756d64fc7844f0e357eeec1b29d
60c6565dc4af986490c60907f5c62642b3435afee9b6ee2af562becfe62f32aa
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
6260ea4c4d663dec4483a6a7d98f65e5f55d9e82a23195b3d6f9a4d1ea6365a8
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
635a679e77bd1aff2de028aeacf8fee3186d3a8fb5cadca8f47323280eb28958
64c41a6752147d6209ab9377bd28d1970be83a0a8d8617dfa4ea8dddf0516194
6572640d21e523ae2e62df79b201ef4956696631333f0edf0a042e9dee698b2e
661c7e52ab729827d1197b6dbcc2354e0502dbc43d707821d7bca06e55e3b611
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69e615dc963e9890b35ca128ee5f0ff61730b0de2922ec6ff59924fa706f358d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0cdf727021e74378a034573724ec61f489e640d24073bbe3b69ee23081842d
6c3ac5f04e3df9fde31ea8ee0b6f72ead168d628a18411272637ae86f127aade
6e82757514589c6f362b3644143fcede1594f85e1afbf3451800478002138e97
6fb68421a36469862d282355231ad2ed9721295167f92a9dd905ccfb1b85b185
709033745e0a4c31005075fbee6efd0625b52ae985cfbd0dc9efba6cd0e935b2
70a91ff28e00f21ffce781dd7dcd46bf6f51f7f5dc41a1dbbd301651220bc86f
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
727ac58055a5dc2a26c255eb338193b7117889703406214be4de6f90b102bfcc
7409f3121e09f9154aea54dcb9f50fce06993c9af4f8fc13bc314cca4a6b7a8e
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
78539656ca15b12695cce6f6f08950ce1062fa79d34dd584cdb06e204835c98f
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79b780ca7eda8c4620e1ff9152c08980cf1ae11a214984ffe0e678e9e697e684
7a349630f46773b993f243b2ef0f26a88304fde74466717161d74b09c6a9fd2f
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7b3e6aa198b3a8e48f7496e05c31718b21c7e31896b80d2a33b508623fa8ecda
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7cf9f1cabbd31f0e4b89199b94c1474db634a3c2e14f3f4dd6e0820d30acdd5a
7d7f79852df44c08a9884dc38e91e18bcff7592516a815af7d8bd4041412be68
7da5be1d950ae8789e74fc4ecd37704bb3f8753b04f33bbd446366c05739a4b4
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fc216fee39c00f17a733e086d08aadf680e01adff58039b50acc53dda3ac5c5
7ffd50cc01f20a5a0968fc9f6e8d12e41e19579de86b0f5efd5e12d72b37a94e
8090af20104c50526a349e51793e49b7137541702b1a88e30a204d04e40b394b
81dfa1841c94c956d3535e59d54f5f4911b6bacdf3e4eb7c9ae71acb62a8b272
827e2fb9659d0bd68c134a325e7ca5f990b1b13dbcc74a9cc513cff878f6be9b
82cf013cb80335ea02233a8e96ca1b56f5fe18e0e9cdcc375249f775f103097e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835e0f43f4e82cb51c71996064baf3f81f8086a32ebc7076e908d56ab44b07d0
8374538d37b7f0bd9b60b4088b2e6aa893e5bc763d6e738acdaef83df8ffec91
83e252cab3c54193e9c6488bc6422c6c50ad10432db7029c171cf6257e1788c5
84326647214c7d75e10c5f86929914bed369a9319ddd49f66c686b9e6358c3c7
84dca2f378544701cd80e4054a7508a2e073ebd3e859b8040a03f083102b2a09
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8608511f76a65e92cda9d88b8f90dc46a4310d60af3e19d810e9982ba86a1580
86094af8d89a39d87451398f387cf6d59bf48e032492c1b27c3489ed9b2d42f9
86753168014c73316c076268cd4f9859f3240a193ab2334b2839f1f741a7245e
86825242f6d00d72098ec198ad35f620d0543e171ee8d80555f0374a1930b523
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26
890aefc340c1b2efe49d71cad4618a6c13ac793d2ce7e4d51d301c96393836c4
8976261e1c09e6901543f013c604e2e327d4ca2ff3fa2c91b47de824b50233da
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b3922fd96f223ef4f5d679419e6091c578c064cb55ab411455bf9d408f4c15c
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8ba5b2963298db951d653f1a2378652be4bfe1ff9e0285e82db2276851595275
8c279d80304face4fdc120ac0dae45285ed8732be51bdeabf3338779f12e0a59
8c6fd8717d86c8dfe9a40fdc7b86770c0581553efebc75894fa8cf9f2bc501d6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ec557ed8555d3cb93e4466a2637e8bbc8a20efe8aa5aa102544cc168102d7fc
8f17e6ab66f753955a8f620351c7c63951a1a24171826a136c1f7de59487821d
8f1e92edea86889c5da671420464709cd9c01be51e8625864c6d1daf11fb3f1a
90b62f0ed726b758ae26bc50483ca39c9a5dd7f4e49d7114da4cf1c793ba3517
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9135c54bdc74af02675fa38a2e7fa98b4b90eae92dc62a090f8282b90fbf4b93
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
924ac8f37c4dfc21e89fc7c2a3ce3c56a82366510c9f14edcef590b0ef05affb
926920b5793853b247a3f9af35fb90b852a2d96b13998d9f548e61e320f891fd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
954cf82356dc90e3a5c0e1d4ae4eea01026abd90f817835021c3d9a5268a83ac
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
970dd3acc590a51d3e6a25f7fd7fed8f23a19fb0c9a6e7f47d82e02e1bca14c6
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
989a1ca3de18cdb86b7ab664351121e8a469c04c1a76e806510f2efab660c28b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a100f564ded3c93fd598b36241490797749f34b6106b8d6d5a03e0ac0138599
9a51d368f4b4535ae579968fd1310dc13ca006b5e0aaf43be65114030cce1a9e
9a596350b901576cea15bc919726dd4a8bf883c34de0e87c82726f869bc52f47
9a9221ee8b4730f3592ab36f32fc1a10d849ba192e39e3dca5489c6c60a75b09
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9de0c624dcd4b5b32b884bf6351dd4adb8bce35cca074e05e2fb7a016598fc31
9f6b10bd30551a0ade08610e627c713f427caef9436c8ab8920faa327cb149cd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3806b2818724156cfafd1ac4f55f7af017ec8e067e64378c20b0cba71877b65
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c16846b9a682488c0d0f6afc74bab563faf25514fddcba5f7309ecb07cfb8c
a569fe02ec65c50d14570786b117a41adc594c4a924e0b4e43728ec44d57e87b
a58aee6e8647697a305cd3d4e54abd6738d0ef436e7ad1f9c70ebce915be740c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6d8b4fd932c77f091df092303087ebc50c0200922e2af2cc61c45b6194e486b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79955973f6f386e4e317ec831b9580352ba8ca9a29303f1d6b6a50cd98d0740
a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad08bd3100213ec0dee3b3dc030401d6d98c9e61f5719e6296ed7cbdc6ea3588
ae733b9a5011dd7716f6275ac04b36ad3914ab17ce7db3d478b7a3086aa70114
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0c27484f38fc3167519675628eb57247accdae03d07acae005b8988d0e916fa
b140c537a223b755f3a45d701e25f2557d89dca616066708638c5400c0f3043f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a85e21ff9fb900f35f49ca67d4904a300f99ec3a318dd419fcf1782b81584b
b3f1f93859a2104ef47ed5748dd9ffb8ac68f057689bc07646cfeb9900b77620
b42eeab1e47440d5c643843a8da40cb28c8ba0bb3e930b5d99281a8dea5772f4
b49c16c9ff5eb6a3215c8fb60d2af437b51553818e478106b24ad635114e6204
b4dcbbe14a62e52bbb905f1f9573264faedf08d615c85c8471802b6a2a1ea7b7
b54f7550fb5c53daaf188123be7a73c666dbcff4f38f8b67af2b659106c3117d
b80503769f93f6a16ff30faad333d7f84dba9d9f710aeccd6bf9730b3090a656
b81b1b23f846c683e794ab0aaef7ddec499721e3f8941ab37e6587794d1309bb
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6
b9a441f9dabed6feda1876c11a790ca636201a388128b3b987693568e87e3588
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba39154bd7149e8299feada594c3dd79d015f723666eab8914be71527d698ec6
ba5bf9aba1e50f7225c71ba355a9a0c03eb83ad935d7229fe1b0b5330e3e596a
bab164d85e467a11e91cec9a64238e29bc0e5b0d6d8c107ebe2a4f19a7e99ac3
bae0b6cbc6f070c5e7422511065ecb1afe95c4bb3bdda660101d1a031f8b53e1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb30c5c06dabed2796745f02af57ee71a6dcd45f89448107e24ceecc993313a
bcc298eddb0f020a4cfb205cbd9e1c384fbd450e5506e3b800d34c34c85227be
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdbbe5e9f87c0197dac7dccdb9272f91fbc97f81ed24bdfe21ef0071708d1941
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c005bebeb5195e82ff1b44a0fa077fa5caf64c65d6f3b273b44eef2ce156213c
c1953f92894756642d3835b2417dea2ca6d28ee2c1b0a7107046e563f8eb6c03
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4482b18aa93b29aa8401644ecb3cc7ca605e00ed3e7892db392a9bba073f3dc
c4f47f9a48f357e3dd9cb87e83ad0034056a120e99c5846664bf93a012a4dbf8
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c77635bc84046a156d29be1a71dd276b585139b9b4549975c3b3c8d275d9b53b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c98f8e5ce9cd7e49eb8eeb510a7bac80e404a64f75d2897b76e34d5a24e43a25
c9d8377d09d9654db42ea9df09415c65c5737cbedd4d7b3d985aa05e7243e126
cabf86a102a56ab21cb1993bb7af697f8a53e0f462032c970b01603b9d206ee6
cac00f312350cd2b09ce67f834aa731eb8efffb4b9ab8f0d26842e677ab94e22
cb34d27bca125b742bee85f479c0bb789630c9f12410df9f4913de21d474a256
cdb4939073b6ab25481d5a68e8bf45ee05433bcdef9f1d3429e76002f96546d3
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf1ea092633db48d56088c6998f565e2c0d3103af54dfe7836b8c796fe1c06c8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdc6f4b2e861359d96877f83a28684ba1033e8c87e432ef4334334fa20aac3f
d032d6b09e7fa595cb942c8ef3f80cea401618adb42195e60e5726dd31ba2c2a
d22884064f4d7b34e4a0c7ef2767d21363923c795416100088d9d910a32a63c5
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e
d78d4b74032cd48fef0edeb4703055cb67870a4288f2df561cbc049bab44901f
d7c5c35f7746ceb139d99b6117625878ecbeeedffcdbb51022ae7072c87619b0
d7d9c1d4f1f0febaccc2e98ae2589d9e92939768a8e5b7bf54cf594d44e756c6
d837a8bd2d9d0030c7dc50304ecc5f7c83ca5d0992cf58eecd61079d35f83dba
d8a2fc19b3c25b470b6b7a2cb69be14e22328bc0bf9adfe709f0b1477fc61525
d8cfde7308130f69a80a90b1348c7f7c77b3dfdedca2317f5ac41312fdb0527c
d9c895d200224618020ba6c844060d7edf258372a85b9140b36aa4177b895590
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dab4e8e5049584bfe935b784b24f987bb12df253a775384fd355cf733b2d53d0
db865c8f3642f3485829c0ee0008fe04a32cc66af70867b39f60395a7fed3984
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
dc44d654c412b485a7400ada34d96858a48749b2adb29c4aefc86db1d2bacc92
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc6aec4144b67f0a2a12d687f3c4b8a9faf7c445847d0e25dcb5bd1a9ba9018
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea787fa2e8aa2e14e3e7b4a165efcac57c45bd84ed28ae8dba9aecd36f69bc7
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e
e03658321fdfd30bcaa04ac2e4847d993cd8abcb14550362f97580853b436b0c
e0b9d0cc1376193e1d78446be128eb5144880d5b261915637ac790c876f23f2b
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1b4d7a7f8a7d8dbbf69a27da147dd5d5f181388992272b1e731b046e215320c
e2c00e8c51ba79b5cd736fec373f82e5f3394d2ceedad43ba267e7bcc661b034
e36bee9cb76dfe1db7283acdcdb0d9a74776df04ca9f0d80cb73293bcefcd35f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422b07ca1550e55cd90a518e910fd3cfb4d9337ea6092357f9761aa77ac9e33
e4b08b4c83b80b97cad34596332e5222d097e42f9056d6d6e850ccc4816aa38b
e4e3e8d170cfa0ec8b64e71fa0dee3cb97ab2f20d7bfe2d11745bfc15c46df30
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e5666efd9a26f31d299ff0215a2cda39e0130ef2b365b5a18661cbe7ec69bd82
e5e71f609207e1f387db728ac3a8ee88a53cd4e2dc33573c0fbf8541fa5e00ba
e64e67c256798fb5beb64f3e6a7237f9bfa4033995d2094bec58a3887c97086d
e64fdd9ff113af56f4c6fdcc6ee3c4492d6ad8ca3444f42b582209796c3fec12
e701021368721bd45df75ad78eda197dc778c25c50fbafec6e261e81d4114e0d
e7901b9815a7d439aff721b6e19824fef964eda8d4fac16d2fd675e5d9763992
e9ee435bb558cce6a9456b7eab8a24c6606aea5453f092d2c82e67346d3f43eb
ec3d70e648d63289d1283547779064750d191f158d3c04d28d724a339573eb55
ec51195add94402ceaea3b24b63d2ad584d9c28ab69def13f6ac0ab5e409f37a
ecd1f316ff37fc94ab8056f09acba90296150766dbfeacf42179937a5654ebbe
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d
ee973cd8f7747455ef48e93aee97bd3cd8175ebb8b67594f7edd2018809ad120
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f1135dafbb1912c95202ea1cd2394738b62dfbbb4d8ca24697c143e6008b05ce
f16325589ca7976fc981f1ddf10121f470164bf6c326694632c5288e8a608a78
f29d04ee0f5958ea024817ae15ffbd3e6f15dfd6c741c1927a6d8c7b3fbd3e38
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f
f6322dd58c45c38fb430b9d673a5bccdcdbcf19681870e03c163e7595fd13646
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb603fb9eb626a56cef3f9d4f148dc6b6501d7408b5a35f475459e9099234be9
fc4331ba98f21b5e91c42f93623eac7feff7ef8ce546e3c15cebfd4af4c26d37
fc5f29439ef2baeb44cdeca3a21fa045dfdd4244969aa3d136c96ccba4e98b64
fea09e4a9d33b00dc8fd1c86941b21949588a97b2f0d6331de0174e397e38850
fffe97b001b8fcdf22a1729219a8e6c95a7f2f8b6675253006a261a978ab3863