Submitted URL: https://i-quiz.12up.com/
Effective URL: https://www.12up.com/
Submission: On October 18 via manual from US — Scanned from US

Summary

This website contacted 65 IPs in 4 countries across 43 domains to perform 161 HTTP transactions. The main IP is 2600:9000:2510:aa00:f:8f3b:1200:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.12up.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 29th 2024. Valid for: a year.
This is the only time www.12up.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:280... 16509 (AMAZON-02)
1 1 44.241.188.24 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:261... 16509 (AMAZON-02)
2 2600:9000:251... 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
22 2600:9000:23c... 16509 (AMAZON-02)
2 2600:9000:251... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.80.99 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
4 142.250.65.226 15169 (GOOGLE)
1 18.238.80.48 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 108.138.106.56 16509 (AMAZON-02)
2 108.138.115.149 16509 (AMAZON-02)
13 2a02:6ea0:c40... 60068 (CDN77 _)
2 157.240.241.1 32934 (FACEBOOK)
1 151.101.1.91 54113 (FASTLY)
1 4 2620:100:a00b... 19750 (AS-CRITEO)
2 74.119.117.17 19750 (AS-CRITEO)
3 141.95.33.120 16276 (OVH)
1 18.164.96.40 16509 (AMAZON-02)
2 18.164.108.113 16509 (AMAZON-02)
1 13.35.93.23 16509 (AMAZON-02)
4 23.203.179.38 16625 (AKAMAI-AS)
2 108.138.128.124 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.164.116.85 16509 (AMAZON-02)
1 3.229.119.146 14618 (AMAZON-AES)
2 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
2 35.190.59.101 15169 (GOOGLE)
2 4 68.67.179.164 29990 (ASN-APPNEX)
3 195.244.31.11 63140 (IGUANA-WO...)
2 2620:100:a00b... 19750 (AS-CRITEO)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 141.95.98.64 16276 (OVH)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:ae80:145... 25751 (VALUECLICK)
1 11 44.239.104.45 16509 (AMAZON-02)
3 3 15.197.193.217 16509 (AMAZON-02)
2 2 8.28.7.83 62713 (AS-PUBMATIC)
1 2 69.173.146.5 26667 (RUBICONPR...)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
3 4 142.250.176.194 15169 (GOOGLE)
2 172.240.155.108 7979 (SERVERS-COM)
2 69.194.240.13 26120 (RHYTHMONE)
1 1 74.214.194.131 19189 (PULSEPOINT)
4 2600:1f14:5db... 16509 (AMAZON-02)
3 52.85.61.61 16509 (AMAZON-02)
1 142.250.81.232 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
3 2620:100:a00b::4 19750 (AS-CRITEO)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:251... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 35.244.159.8 396982 (GOOGLE-CL...)
1 142.251.40.194 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 13.249.91.104 16509 (AMAZON-02)
1 142.251.35.164 15169 (GOOGLE)
1 151.101.129.108 54113 (FASTLY)
1 142.250.65.238 ()
161 65
Apex Domain
Subdomains
Transfer
23 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1450
a.ad.gt — Cisco Umbrella Rank: 1552
p.ad.gt — Cisco Umbrella Rank: 1739
ids.ad.gt — Cisco Umbrella Rank: 1464
seg.ad.gt — Cisco Umbrella Rank: 1970
pixels.ad.gt — Cisco Umbrella Rank: 1626
proton.ad.gt — Cisco Umbrella Rank: 8121
27 KB
23 minutemediacdn.com
assets.minutemediacdn.com — Cisco Umbrella Rank: 25657
images2.minutemediacdn.com — Cisco Umbrella Rank: 15491
268 KB
17 userway.org
cdn.userway.org — Cisco Umbrella Rank: 3272
api.userway.org — Cisco Umbrella Rank: 3171
cdn77.api.userway.org — Cisco Umbrella Rank: 6982
306 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
mug.criteo.com — Cisco Umbrella Rank: 3626
bidder.criteo.com — Cisco Umbrella Rank: 745
2 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
cm.g.doubleclick.net — Cisco Umbrella Rank: 283
185 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 5242
t.skimresources.com — Cisco Umbrella Rank: 5359
p.skimresources.com — Cisco Umbrella Rank: 6587
r.skimresources.com — Cisco Umbrella Rank: 4927
23 KB
6 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2496
launchpad.privacymanager.io — Cisco Umbrella Rank: 2070
geo.privacymanager.io — Cisco Umbrella Rank: 1904
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 1893
100 KB
6 amazon-adsystem.com
c.aps.amazon-adsystem.com — Cisco Umbrella Rank: 5265
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
aax.amazon-adsystem.com — Cisco Umbrella Rank: 457
83 KB
6 bqstreamer.com
stats.bqstreamer.com — Cisco Umbrella Rank: 24243
config.bqstreamer.com — Cisco Umbrella Rank: 26614
18 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
secure.adnxs.com — Cisco Umbrella Rank: 479
acdn.adnxs.com — Cisco Umbrella Rank: 613
5 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096
106 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
cdn.id5-sync.com — Cisco Umbrella Rank: 994
31 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
386 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2849
google-bidout-d.openx.net — Cisco Umbrella Rank: 2781
485 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
44 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 446
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4000
visitor.omnitagjs.com — Cisco Umbrella Rank: 806
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1011
bcp.crwdcntrl.net — Cisco Umbrella Rank: 976
26 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4674
173 KB
3 12up.com
i-quiz.12up.com
12up.com
www.12up.com
46 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
197 B
2 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1632
404 B
2 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 486
2 KB
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 867
727 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
2 gstatic.com
fonts.gstatic.com
36 KB
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2158
211 KB
2 mmctsvc.com
cdn.mmctsvc.com — Cisco Umbrella Rank: 23105
186 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 googlesyndication.com
ab1ed7f8143955b8e254c8d3ceb9ca41.safeframe.googlesyndication.com
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3694
4 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1183
7 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2261
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
902 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 541
852 B
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2737
461 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
284 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1601
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
161 43
Domain Requested by
22 images2.minutemediacdn.com www.12up.com
11 ids.ad.gt 1 redirects www.12up.com
11 cdn.userway.org rumcdn.geoedge.be
cdn.userway.org
www.12up.com
5 stats.bqstreamer.com cdn.mmctsvc.com
4 api.userway.org cdn.userway.org
4 cm.g.doubleclick.net 3 redirects www.12up.com
4 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
4 gum.criteo.com 1 redirects rumcdn.geoedge.be
4 securepubads.g.doubleclick.net cdn.mmctsvc.com
rumcdn.geoedge.be
securepubads.g.doubleclick.net
4 www.googletagmanager.com www.12up.com
www.googletagmanager.com
rumcdn.geoedge.be
3 static.criteo.net rumcdn.geoedge.be
cdn.mmctsvc.com
static.criteo.net
3 seg.ad.gt p.ad.gt
3 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
3 pixel.tapad.com 3 redirects
3 match.adsrvr.org 3 redirects
3 p.ad.gt a.ad.gt
p.ad.gt
3 www.google-analytics.com www.googletagmanager.com
p.ad.gt
3 id5-sync.com cdn.mmctsvc.com
cdn.id5-sync.com
3 sdk.privacy-center.org www.12up.com
rumcdn.geoedge.be
2 cdn77.api.userway.org cdn.userway.org
2 ep2.adtrafficquality.google rumcdn.geoedge.be
2 oajs.openx.net 1 redirects www.12up.com
2 sync.1rx.io www.12up.com
2 sync.colossusssp.com www.12up.com
2 token.rubiconproject.com 1 redirects www.12up.com
2 image2.pubmatic.com 2 redirects
2 secure.adnxs.com 2 redirects
2 a.ad.gt rumcdn.geoedge.be
p.ad.gt
2 www.facebook.com www.12up.com
2 bidder.criteo.com cdn.mmctsvc.com
2 hb-api.omnitagjs.com cdn.mmctsvc.com
2 ib.adnxs.com cdn.mmctsvc.com
2 r.skimresources.com s.skimresources.com
2 p.skimresources.com www.12up.com
2 t.skimresources.com www.12up.com
s.skimresources.com
2 id.hadron.ad.gt cdn.hadronid.net
2 tags.crwdcntrl.net rumcdn.geoedge.be
2 aax.amazon-adsystem.com c.aps.amazon-adsystem.com
2 mug.criteo.com www.12up.com
2 connect.facebook.net www.12up.com
connect.facebook.net
2 c.amazon-adsystem.com c.aps.amazon-adsystem.com
2 fonts.gstatic.com fonts.googleapis.com
2 rumcdn.geoedge.be www.12up.com
rumcdn.geoedge.be
2 cdn.mmctsvc.com www.12up.com
cdn.mmctsvc.com
1 visitor.omnitagjs.com cdn.mmctsvc.com
1 acdn.adnxs.com cdn.mmctsvc.com
1 www.google.com rumcdn.geoedge.be
1 ats-wrapper.privacymanager.io rumcdn.geoedge.be
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 google-bidout-d.openx.net rumcdn.geoedge.be
1 proton.ad.gt rumcdn.geoedge.be
1 ab1ed7f8143955b8e254c8d3ceb9ca41.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com rumcdn.geoedge.be
1 cdn.id5-sync.com rumcdn.geoedge.be
1 cdn-ima.33across.com rumcdn.geoedge.be
1 oa.openxcdn.net rumcdn.geoedge.be
1 cdn.jsdelivr.net rumcdn.geoedge.be
1 pixels.ad.gt rumcdn.geoedge.be
1 bh.contextweb.com 1 redirects
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 lb.eu-1-id5-sync.com cdn.mmctsvc.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 cdn.hadronid.net www.12up.com
1 launchpad-wrapper.privacymanager.io rumcdn.geoedge.be
1 s.skimresources.com rumcdn.geoedge.be
1 config.aps.amazon-adsystem.com rumcdn.geoedge.be
1 config.bqstreamer.com cdn.mmctsvc.com
1 c.aps.amazon-adsystem.com cdn.mmctsvc.com
1 assets.minutemediacdn.com www.12up.com
1 fonts.googleapis.com www.12up.com
1 www.12up.com
1 12up.com 1 redirects
1 i-quiz.12up.com 1 redirects
161 74

This site contains links to these domains. Also see Links.

Domain
www.dbltap.com
www.facebook.com
twitter.com
www.instagram.com
www.minutemedia.com
fansided.com
Subject Issuer Validity Valid
api.12up.com
Amazon RSA 2048 M02
2024-07-29 -
2025-08-27
a year crt.sh
upload.video.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
cdn.mmctsvc.com
Amazon RSA 2048 M02
2024-04-04 -
2025-05-03
a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M03
2024-07-12 -
2025-08-09
a year crt.sh
assets.minutemediacdn.com
Amazon RSA 2048 M02
2024-03-26 -
2025-04-25
a year crt.sh
images.mmctsvc.com
Amazon RSA 2048 M02
2024-04-02 -
2025-05-01
a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M03
2024-03-10 -
2025-04-07
a year crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.gstatic.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
bqstreamer.com
WE1
2024-08-28 -
2024-11-26
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
c.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-05-30 -
2025-06-29
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
1667503734.rsc.cdn77.org
E6
2024-09-25 -
2024-12-24
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-27 -
2024-10-25
3 months crt.sh
*.skimresources.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-01 -
2024-12-31
6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M03
2024-06-26 -
2025-07-24
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
hadronid.net
WE1
2024-09-24 -
2024-12-23
3 months crt.sh
id.hadron.ad.gt
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
skimresources.com
WR3
2024-09-18 -
2024-12-17
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-02 -
2025-08-01
a year crt.sh
*.eu-1-id5-sync.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh
a.ad.gt
WE1
2024-10-05 -
2025-01-03
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2024-06-17 -
2025-07-19
a year crt.sh
p.ad.gt
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.ad.gt
Amazon RSA 2048 M02
2024-03-10 -
2025-04-08
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2024-09-08 -
2025-10-10
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2024-06-13 -
2025-07-14
a year crt.sh
api.userway.org
Amazon RSA 2048 M02
2024-08-02 -
2025-08-31
a year crt.sh
seg.ad.gt
WE1
2024-09-05 -
2024-12-04
3 months crt.sh
pixels.ad.gt
WE1
2024-09-05 -
2024-12-04
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-21
3 months crt.sh
oa.openxcdn.net
WR3
2024-09-16 -
2024-12-15
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2024-09-05 -
2025-09-30
a year crt.sh
id5-sync.com
WE1
2024-09-30 -
2024-12-29
3 months crt.sh
cdn.prod.uidapi.com
E6
2024-09-11 -
2024-12-10
3 months crt.sh
proton.ad.gt
WE1
2024-09-07 -
2024-12-06
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2024-08-14 -
2025-08-18
a year crt.sh
adtrafficquality.google
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
1784939676.rsc.cdn77.org
E6
2024-08-09 -
2024-11-07
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2024-04-08 -
2025-05-09
a year crt.sh

This page contains 13 frames:

Primary Page: https://www.12up.com/
Frame ID: FCB707EDF1A6A06AF27BE1E298F7A637
Requests: 143 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi.js
Frame ID: CD905F57475BF719193004FC56956D0C
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4800162151810283
Frame ID: 7DC3F8C283D16CCA055391665E7C33B7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 462A5C05F173F042F4642B44D7259D0F
Requests: 1 HTTP requests in this frame

Frame: https://ab1ed7f8143955b8e254c8d3ceb9ca41.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8682B26FD3F802F5DC035C3BC5F309C
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: E4DC73033A5A85B569BFFC9569A5629A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.12up.com&gdpr=0&gdpr_consent=
Frame ID: C31659ADE84F0DDA46D82907B1EBF140
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: CD82197C5BB9C57CB321DD3BC9CF137D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.12up.com&gdpr=0&gdpr_consent=&us_privacy=1YNN
Frame ID: A04278496414DD8FF8AA2DA9ED8B7875
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 16275DAB81732ECFCC5BC439C74C490D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B1AA822B5781F2AB0714F2AE5F9404D1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4BF5217A30C133A6795D912764611EBC
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1YNN
Frame ID: 933691B95F65FBFE642061FC66BED769
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

24/7 Sports News, Opinions and Videos

Page URL History Show full URLs

  1. https://i-quiz.12up.com/ HTTP 302
    http://12up.com/ HTTP 307
    https://12up.com/ HTTP 301
    https://www.12up.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

161
Requests

93 %
HTTPS

39 %
IPv6

43
Domains

74
Subdomains

65
IPs

4
Countries

2407 kB
Transfer

9664 kB
Size

60
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://i-quiz.12up.com/ HTTP 302
    http://12up.com/ HTTP 307
    https://12up.com/ HTTP 301
    https://www.12up.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.12up.com%2F&domain=www.12up.com&cw=1&lsw=1&us_privacy=1YNN&gdpr=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jAI8eXxkeEMzVVpTRTFHNUpIdDd2cU9SdUUvQjFoNUN0TldqSXFDMlBCSEVWYU15Yjk5ZVcremZOVGw0NVNOenZxMEVqMmlDUDh2RzM1amYrTTBsczhPZWtLUjd2RjBrMlR1cTJBQTlGTzdPWEJsa1JvemRSalN1MmN1YlMxMUlFZGk2MHNhZm5oTUp4WXFJVEludlhCdTdFQVJmRHNQYkFhMVhwS1RqY1Irc2h4bmpzUzE4MU0wM0tLeGJzWlhydzJGY0xhcytVUWVaMkhRVG9YL1RQSjUvRTJzQWdwbEkwOHMrZ2xjSUZIMHdTSEJHN3JTRFZUOVkxYzV2SXMyTG15amdEZ1NRU1ZuVU82UXJhYklrZDgvaU82UT09fA&cppv=2
Request Chain 83
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001729278360-DM1T0PRL-WK97%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&adnxs_id=6661636663103257195&gdpr=0
Request Chain 84
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729278360-DM1T0PRL-WK97&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729278360-DM1T0PRL-WK97&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=3ee03992-b92f-40fb-be85-11316988fb5d&id=AU1D-0100-001729278360-DM1T0PRL-WK97
Request Chain 85
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729278360-DM1T0PRL-WK97 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729278360-DM1T0PRL-WK97 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=DF4C1C46-AA07-4F00-9C4E-A33A6E4442E7&id=AU1D-0100-001729278360-DM1T0PRL-WK97
Request Chain 87
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729278360-DM1T0PRL-WK97&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729278360-DM1T0PRL-WK97%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729278360-DM1T0PRL-WK97&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729278360-DM1T0PRL-WK97%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cb34bcb3-c125-4be6-9642-b4e00a62730f%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001729278360-DM1T0PRL-WK97%252526tapad_id%25253Dcb34bcb3-c125-4be6-9642-b4e00a62730f%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ee03992-b92f-40fb-be85-11316988fb5d&ttd_puid=cb34bcb3-c125-4be6-9642-b4e00a62730f%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001729278360-DM1T0PRL-WK97%2526tapad_id%253Dcb34bcb3-c125-4be6-9642-b4e00a62730f%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&tapad_id=cb34bcb3-c125-4be6-9642-b4e00a62730f
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729278360-DM1T0PRL-WK97 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001729278360-DM1T0PRL-WK97&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&google_error=15
Request Chain 89
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729278360-DM1T0PRL-WK97 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTI3ODM2MC1ETTFUMFBSTC1XSzk3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTI3ODM2MC1ETTFUMFBSTC1XSzk3&google_tc=
Request Chain 92
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729278360-DM1T0PRL-WK97 HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=jwGGBDPmKfvY&ev=1&pid=562316&id=AU1D-0100-001729278360-DM1T0PRL-WK97
Request Chain 123
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.12up.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.12up.com%2F&rid=esp&cc=1
Request Chain 139
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729278360-DM1T0PRL-WK97&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&rub=M2F3OQQT-E-FSNO&gdpr=0

161 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.12up.com/
Redirect Chain
  • https://i-quiz.12up.com/
  • http://12up.com/
  • https://12up.com/
  • https://www.12up.com/
367 KB
46 KB
Document
General
Full URL
https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:aa00:f:8f3b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3cd6aeb0ba37408f48bead1c116588c241f9a734ffc2aaf96a2b84aa20977cbc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=60, stale-if-error=2592000, stale-while-revalidate=600
content-encoding
gzip
content-type
text/html
date
Fri, 18 Oct 2024 19:05:57 GMT
etag
W/1dbcbe3bd2d393ac19ad79a37ca3767c0237608284deaba3b89b1f67aa0d33fd|b9837a16dfbfde25584eed453a9857e0488a45455f3850a66aa3bced1a208296
last-modified
Fri, 18 Oct 2024 19:05:57 GMT
referrer-policy
no-referrer-when-downgrade
server
CloudFront
vary
Accept-Encoding
via
1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
x-amz-cf-id
CEepO9ssIwtFX1uHQsYXLdtHjfApF2X-y87yYR0eDoihu72IowcWZw==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-from-mm
true

Redirect headers

alt-svc
h3=":443"; ma=2592000
content-length
0
date
Fri, 18 Oct 2024 19:05:56 GMT
location
https://www.12up.com/
server
redirector-service
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 19:05:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 18 Oct 2024 17:25:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
mz-delivery.js
cdn.mmctsvc.com/
78 KB
24 KB
Script
General
Full URL
https://cdn.mmctsvc.com/mz-delivery.js
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:d200:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d1c346be6b51c63aaf1fbb984ea31338a0121dba9fa36af3a1cd6cf92d901959

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-amz-cf-pop
JFK52-P3
cache-control
max-age: 31536000
content-encoding
br
etag
W/"bad3f220694d48d71b8f6d1a24eadce2"
age
268499
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3HMpE-LbFJ8ojdxPaP99_yukcY2BOLL1jyXvx4Q9gQSqvNQuEqrpDQ==
date
Tue, 15 Oct 2024 16:31:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
server
CloudFront
last-modified
Tue, 15 Oct 2024 16:30:57 GMT
x-amz-server-side-encryption
AES256
grumi-ip.js
rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/
16 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:bc00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80650aafb18ccffe3b53515506496cf247df579a0d1a39e1ca6f0137eeb68e5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
rPi5doo401tE4J9qMVA.sg7AXdJu65mX
etag
W/"8b55646fb4a00da3c52875d685bbc43f"
age
1694
via
1.1 b863f5ba2fad5306016f04b0ec05bd82.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
G7aWeMSvB2x4lHUwMugSQwaQHlR0lA08EEnzZCFsoWh_bh4j5Ugl1A==
date
Fri, 18 Oct 2024 18:37:45 GMT
content-type
application/javascript
last-modified
Sun, 13 Oct 2024 08:00:06 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
HomePageParis.bundle.MTAKOSKP.js
assets.minutemediacdn.com/js/
453 KB
123 KB
Script
General
Full URL
https://assets.minutemediacdn.com/js/HomePageParis.bundle.MTAKOSKP.js
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:6600:18:ed96:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9b510244bed7026cfc78521c96e962a2e8b177cffba101f128451ffedbb78a16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-amz-cf-pop
JFK50-P8
cache-control
max-age: 31536000
content-encoding
br
etag
W/"bd41f0f4eed6314f99eb39aa83fd25fb"
age
716455
via
1.1 346bf51bc00fbeaa3f4c461a781bceb0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Piu-DmPBDrixtclLKp9RLsFVSEADd4rtPJjXzZRv0OCzOu4jOXXT4g==
date
Thu, 10 Oct 2024 12:05:04 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
server
CloudFront
last-modified
Thu, 10 Oct 2024 11:56:56 GMT
x-amz-server-side-encryption
AES256
images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01jafzjjz0z9zsy11mkf.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3386,h_1904,x_0,y_0/c_fill,w_720,ar_16:9,f_auto,q_auto,g_auto/
31 KB
31 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3386,h_1904,x_0,y_0/c_fill,w_720,ar_16:9,f_auto,q_auto,g_auto/images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01jafzjjz0z9zsy11mkf.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8008e9121fdff4d41dcb8361bba9084c222bbdde77abe599f5ac61c8b4e68456

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-request-id
9cf4213877b0d2c542f00cc5f2584963
etag
"0011569a17da63836227104ec90bda2c"
surrogate-reporting
width=720,height=405,bytes=31236,owidth=3386,oheight=2376,obytes=3693425,ef=(1,14,17,23)
age
17330
status
200 OK
x-cache
Hit from cloudfront
x-amz-cf-id
BM0FIkPGdZcIh6omJAppDw8ijZrYouth9U1ExNkPeAwyRxihyoQRIA==
date
Fri, 18 Oct 2024 14:17:08 GMT
content-type
image/webp
content-disposition
inline; filename="01jafzjjz0z9zsy11mkf.webp"
x-served-by
cache-iad-kiad7000179-IAD
last-modified
Fri, 18 Oct 2024 14:17:09 GMT
access-control-allow-headers
X-Requested-With
x-cache-hits
0
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1729261027.805943,VS0,VE1746
via
1.1 ee011275acb236653ac4d031eb9a7092.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
31236
x-amz-cf-pop
JFK50-P2
server
CloudFront
loader.js
sdk.privacy-center.org/3810dd55-0181-4ddc-952e-59a8c9a36fe4/
217 KB
42 KB
Script
General
Full URL
https://sdk.privacy-center.org/3810dd55-0181-4ddc-952e-59a8c9a36fe4/loader.js?target_type=notice&target=WHiEUdYM
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:ac00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ad3f3e9859b6955140575f1ecc09452b9157134817f942bb5c35b489e66af261

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
etag
W/"d8092408088f63150526b00a86455b28"
age
6071
x-amzn-requestid
c9fe7a79-1221-45e2-98e6-161be4c8e3a4
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
CV_OpezIh-xBZcs-QFOK1QV5Yi-4KJPnrZ9RcboV4cYD7oCrJw2vpQ==
date
Fri, 18 Oct 2024 17:24:47 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=7200, public
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:false
x-amzn-trace-id
Root=1-670f612c-6756cfdd68c6c3cd7dc9f2b6;Parent=47dd6880d0a2c201;Sampled=0;Lineage=1:eaae1266:0
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
x-didomi-configs-version
112
x-amz-cf-pop
JFK50-P5
gtm.js
www.googletagmanager.com/
404 KB
125 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
412134da64d002ac4534b0e5129556dfaf8fd880dde7b26e3b52841ed4ffab53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 19:05:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 18:38:06 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
127446
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
221 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-524LTF9
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0db5f4f84aa206f4dd0b4f89ec4adc11d315dff79fb77ef46cbfdfde0297e69c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 18 Oct 2024 19:05:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 18:38:06 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77113
x-xss-protection
0
server
Google Tag Manager
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13b0c99b494f2bedfa14d7682d4a3d6f11bd66f8b9978e4815634370d37fcf7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.12up.com
Referer
https://fonts.googleapis.com/

Response headers

age
271731
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 15:37:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 15:37:07 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.12up.com
Referer
https://fonts.googleapis.com/

Response headers

age
196886
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 12:24:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 12:24:32 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
/
stats.bqstreamer.com/
2 B
501 B
Ping
General
Full URL
https://stats.bqstreamer.com/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

access-control-max-age
86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kE%2F4IvwhXZrriBFijjn8o2Vs3AIE%2B2EvpKuqr76o7Ak9%2Bf7crr7q35hgsGBRfBbwDxdoBysiA%2B3A%2FgVUHr681JWbmvAvV7yf6tl0pZZzOJR%2FZJmPoFwvttGiE1r7DuifB%2FlLkpT1zw%2B5CQeua0kMRrcj"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8d4acd8cbdd91014-LAX
access-control-allow-origin
*
content-length
2
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
prebid8.52.1.js
cdn.mmctsvc.com/commercial-api/
512 KB
162 KB
Script
General
Full URL
https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:d200:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4d26354c3a34441bc6d0749595ffd06503539f63afbf97ec1c804fee777b0969

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-amz-cf-pop
JFK52-P3
cache-control
max-age: 31536000
content-encoding
gzip
etag
W/"5b99c1db8c93eb6572a48fc0d86416e9"
age
1428248
via
1.1 8ca7450d970f904109dac7e068234b78.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zoSCkXuzWie_KECwv5lqFqjkIzpNOCveoT8FzEv_Zl-1eL15FyOCQg==
date
Wed, 02 Oct 2024 06:21:51 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
server
CloudFront
last-modified
Tue, 24 Sep 2024 10:12:26 GMT
x-amz-server-side-encryption
AES256
gpt.js
securepubads.g.doubleclick.net/tag/js/
107 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
060fbb9a4c445a50a02ad373763796411198f52f04e877c3bb7d1b5a2ae94a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
etag
159 / 20014 / 31088242 / config-hash: 16632934292230237338
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 19:05:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33897
x-xss-protection
0
server
cafe
apstag.js
c.aps.amazon-adsystem.com/
336 KB
74 KB
Script
General
Full URL
https://c.aps.amazon-adsystem.com/apstag.js
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.80.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-48.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f11f201fd4dc1d3d6c613f55e673790028bcdb0fd9aada88f006003a2cafbd45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
x-amz-version-id
bNSe4XNBU_XzY0br.SpDH86Rydj8m2zK
etag
W/"c4bc290465fb571ad18a0189e7d8828f"
age
1131
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ueVmuVn5yOclR8zLuhBGcpnT5S_f1BFE8QzYVDxL7KeXbhwYixDnRg==
date
Fri, 18 Oct 2024 18:47:08 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Fri, 18 Oct 2024 02:16:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public, max-age=3600
referrer-policy
strict-origin-when-cross-origin
via
1.1 e774c9e3b514be02964a99136a6cdfda.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
/
config.bqstreamer.com/
73 KB
16 KB
Fetch
General
Full URL
https://config.bqstreamer.com/?currentPage=https%3A%2F%2Fwww.12up.com%2F&variationId=
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188be32ed1e8c36515e93f73dad7425af719d037b6d0d7f10596ca4b912e595e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QR9AL6xExKL1Oeg4%2BAISYBftPJ6yuoC39s1YZrVkm2COPyUnS2uR7Ey%2FDq9rfzb5A%2FpRLYnDxP885B%2BNQ7R%2FQO9Tss79hdMRFrVs9l%2FXyv5x1pyjbqK7yG2qvOdfEKT27t0Np7jc4yiHM3%2Bqskpf9K6YLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
cf-ray
8d4acd8cca5e2eb1-LAX
access-control-allow-origin
*
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
/
stats.bqstreamer.com/
2 B
287 B
Ping
General
Full URL
https://stats.bqstreamer.com/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

access-control-max-age
86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FW1UrZmCeLuplL7x6IxPzyOvU6yyvjs7YKgZH2WEmPom%2BCHHR8aNrMIe4L1gLJr8WRJ%2BiXqCr4PSrTXQdKgt8DjN2F5YGJuwnqjiWEl80p67AEWNQPYzUcHVNGyMnovyBWGrIrch6ikwfg4GpSQg%2BY4a"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8d4acd8ddf8d1014-LAX
access-control-allow-origin
*
content-length
2
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
/
stats.bqstreamer.com/
2 B
286 B
Ping
General
Full URL
https://stats.bqstreamer.com/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

access-control-max-age
86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BeREuFMjJtHuPhV1yg6XLd22bXrB9hkppfs%2FHez9DNVOr5Zp2MonQOyH5qBnXhqijC5wiEDHwov%2Fsy6Fk3RVe35Z6fZNWUPLMQ%2BKVLKCM5zT8VbY4VmkeEn2T5HxZxz2I1uaAtLALVdrPBIjTsG1Mt4o"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8d4acd8ddf8f1014-LAX
access-control-allow-origin
*
content-length
2
date
Fri, 18 Oct 2024 19:05:58 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
grumi.js
rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/ Frame CD90
650 KB
204 KB
Script
General
Full URL
https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:bc00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edb5b549f72c90d41721162403ae16b89e82e854827986b1d942015eb616f303

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
x-amz-version-id
jL4HKAcvn5rvDR7iP0MHH8432DaJ2svH
etag
W/"18189eceb3dd0bf0bd68c9bdff09bcd3"
age
1694
x-cache
Hit from cloudfront
x-amz-cf-id
wKHr2pj74jyMkPBqhnP3eIvU0-bYng_H84EuBgW8XIiDR64pEqyKEQ==
date
Fri, 18 Oct 2024 18:37:45 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Fri, 18 Oct 2024 18:17:33 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 b863f5ba2fad5306016f04b0ec05bd82.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
sdk.b2a3c17a678ea7062d171089b67919517c588d58.js
sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/
362 KB
94 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/sdk.b2a3c17a678ea7062d171089b67919517c588d58.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:ac00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5f286a5113e6a94c2ad621e4ffba3f5b598896c744b9781af86782bff104580

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"c48f84cdf5d9be4e5212c351f58d4c46-1"
age
295458
via
1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ZfYP1ob9-9y8xbwOd86cT3A8EhGibpzfy_Ee4awER9nPcKdu8HMnGA==
date
Tue, 15 Oct 2024 09:01:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 15 Oct 2024 09:01:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/
481 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js?cb=31088242
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
etag
3420270987438694644
age
7699
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 16:57:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 16:57:39 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152663
x-xss-protection
0
server
cafe
3777
config.aps.amazon-adsystem.com/configs/
531 B
797 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3777
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
6598525fb7f424f533cc1e037c324825db29436400b47e15b4272a58857eec33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=3600
age
1812
via
1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
cmy5siZKciZjW-dhah-SYmPymxdIoPs6sJmJ5Hc1RP8F-8A8AuPpHw==
date
Fri, 18 Oct 2024 18:35:47 GMT
content-type
application/javascript
x-amz-cf-pop
JFK50-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
4 KB
4 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3777&u=https%3A%2F%2Fwww.12up.com
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
9b230d258ebe3e853a47335ae45b8093ade40427b833ccf20702badab80b1c2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
17184
access-control-allow-credentials
true
via
1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.12up.com
x-cache
Hit from cloudfront
content-length
3634
x-amz-cf-id
x5OYUg2F_mys-qEZEJXQ3_ohL14EdnFl5jDt9Zpvw7ClZGrxZD4wSA==
date
Fri, 18 Oct 2024 14:19:34 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
JFK50-P3
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
age
70014
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
dG4GsFyYGbju91O8wzasHk7GdVBs-swq3vceBY3A94kIbZWYCU1_lw==
date
Thu, 17 Oct 2024 23:39:06 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
01j9rwcame2rca5ab888.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4457,h_2507,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_4457,h_2507,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j9rwcame2rca5ab888.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4f3ad877a3940e48ef16f08adecab5fc0e47b3da13d0efac8f02d07d428c8f8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"a77c0526d8d37edeeec778a2f46a3a2f"
surrogate-reporting
width=16,height=9,bytes=3412,owidth=4457,oheight=3000,obytes=2865372,ef=(1,14,17,23)
age
17199
x-cache
Hit from cloudfront
x-amz-cf-id
nQw-hHJXOOEjbVC8QWp-UhdYGajqT2BuGgVUzaEvqVAwN14IuHGWlA==
date
Fri, 18 Oct 2024 14:19:20 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100085-IAD
x-cache-hits
0
content-disposition
inline; filename="01j9rwcame2rca5ab888.webp"
access-control-allow-headers
X-Requested-With
last-modified
Fri, 11 Oct 2024 15:11:44 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1729261160.127142,VS0,VE58
x-orig-request-id
abe017d3f863a816dffb603527010722
via
1.1 dbbdffd5abd9b6fb9357259f8ea93f44.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3412
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j9pr3q06rnrdffsy14.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_6515,h_3664,x_0,y_43/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_6515,h_3664,x_0,y_43/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j9pr3q06rnrdffsy14.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c3a0510bac02b32e86bb555bd3a1207bd60d99a59aec33e4d96a4074babcc3a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"a7f560ce4faa2eacad94a45d4064c0f9"
surrogate-reporting
width=16,height=9,bytes=3396,owidth=6515,oheight=4345,obytes=4574411,ef=(1,14,17,23)
age
105649
x-cache
Hit from cloudfront
x-amz-cf-id
e_CjBtiYipK5uEsmDPL8miIYqNvNUp8aoF6SWRAr_x74WsPXagebow==
date
Thu, 17 Oct 2024 13:45:10 GMT
content-type
image/webp
x-served-by
cache-lga21926-LGA
x-cache-hits
0
content-disposition
inline; filename="01j9pr3q06rnrdffsy14.webp"
access-control-allow-headers
X-Requested-With
last-modified
Wed, 09 Oct 2024 01:09:08 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1729172710.404252,VS0,VE80
x-orig-request-id
2516e29b6fea50b409c428c14c4e5fce
via
1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3396
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j9m3h9ysq14rfwctea.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5463,h_3072,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_5463,h_3072,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j9m3h9ysq14rfwctea.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4b338fa9ed7d0c7c63672199d075e6fda7089a9f81ec86e9ee83629973ba7177

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-request-id
a9de9cb904af13871518db8038f3e994
etag
"e12359b4dd9987dd7a37e43499d2083c"
surrogate-reporting
width=16,height=9,bytes=3436,owidth=5463,oheight=3642,obytes=3745560,ef=(1,14,17,23)
age
842212
status
200 OK
x-cache
Hit from cloudfront
x-amz-cf-id
us2KjLMkEdnmsyC-b5iL80ryjlzrLFrnAkMKaTlx7MQ3VNTmFAknrQ==
date
Wed, 09 Oct 2024 01:09:07 GMT
content-type
image/webp
content-disposition
inline; filename="01j9m3h9ysq14rfwctea.webp"
x-served-by
cache-lga21976-LGA
last-modified
Wed, 09 Oct 2024 01:09:08 GMT
access-control-allow-headers
X-Requested-With
x-cache-hits
0
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1728436146.869855,VS0,VE1987
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3436
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j975hx851bjn6hv6eh.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4676,h_2630,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_4676,h_2630,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j975hx851bjn6hv6eh.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
15d58130847c9924c48287f0abdb36d6276a65800f5ae76ba71b5e9eed9f324c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"8ec9b3cc37be6be4416270f8f2dc4a5d"
surrogate-reporting
width=16,height=9,bytes=3378,owidth=4676,oheight=3117,obytes=2499883,ef=(1,14,17,23)
age
619424
x-cache
Hit from cloudfront
x-amz-cf-id
smWU_Djp4855MNp793bpqoNnDDJTNqE-mUvImGXX0yMgnuCA3Qx19w==
date
Fri, 11 Oct 2024 15:02:15 GMT
content-type
image/webp
x-served-by
cache-lga21942-LGA
x-cache-hits
0
content-disposition
inline; filename="01j975hx851bjn6hv6eh.webp"
access-control-allow-headers
X-Requested-With
last-modified
Thu, 03 Oct 2024 21:16:47 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1728658935.474178,VS0,VE88
x-orig-request-id
cad22dde58a5e4bc6c453c5d9dce9a08
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3378
x-amz-cf-pop
JFK50-P2
server
CloudFront
01hse603azx4dtkkmefs.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_6109,h_3436,x_0,y_312/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
1016 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_6109,h_3436,x_0,y_312/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01hse603azx4dtkkmefs.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
03408ce36df45dba425df4b384a0a9b607883f09744037118aedfa0868869791

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"04fb13c7fb69fb85edd86ab9707fd34f"
surrogate-reporting
width=16,height=9,bytes=1016,owidth=6109,oheight=4073,obytes=16537294,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
Jyp8a2KltFJI0PDObHLIJ5kNWT44cZs1uCmAqe-7NUI-yalREWsRxg==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000163-IAD
x-cache-hits
0
content-disposition
inline; filename="01hse603azx4dtkkmefs.webp"
access-control-allow-headers
X-Requested-With
last-modified
Sun, 24 Mar 2024 00:18:16 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.180364,VS0,VE2
via
1.1 795b4b6b943fe3d87b1c7e104dc9034c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1016
x-amz-cf-pop
JFK50-P2
server
CloudFront
01hm7dgyt19fym5zjyhm.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_6627,h_3727,x_0,y_413/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
990 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_6627,h_3727,x_0,y_413/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01hm7dgyt19fym5zjyhm.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
04a11f63a307b6de927633f140e7fe9ac23198fb7c2896353966bca35d81f900

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"dd16aaa606bd4fc9d5adf23aa0c54602"
surrogate-reporting
width=16,height=9,bytes=990,owidth=6627,oheight=4420,obytes=14913123,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
otNWVm8-ew5iPqQHi5xT8BHgwnbLbUFYedx4webrmBVEW07s3bPiQA==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000166-IAD
x-cache-hits
0
content-disposition
inline; filename="01hm7dgyt19fym5zjyhm.webp"
access-control-allow-headers
X-Requested-With
last-modified
Tue, 16 Jan 2024 00:01:10 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.180115,VS0,VE51
via
1.1 af714cbe72276e767e61cd6e1fa5ed48.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
990
x-amz-cf-pop
JFK50-P2
server
CloudFront
01hkzq3ze253pqe4g442.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5847,h_3288,x_0,y_208/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
952 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_5847,h_3288,x_0,y_208/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01hkzq3ze253pqe4g442.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b990e335530a1a5bc6fe095fb170a9809f379d0448c20204614e9ad7cde443f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"49051738ee345b23dbab3128623811cd"
surrogate-reporting
width=16,height=9,bytes=952,owidth=5847,oheight=3898,obytes=12447370,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
YwBqTS7wfUqpmLfQSxYROcMUtNrLNEmlGmnyP5dLcqfIjr_Tpu8kXA==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-lga21947-LGA
x-cache-hits
0
content-disposition
inline; filename="01hkzq3ze253pqe4g442.webp"
access-control-allow-headers
X-Requested-With
last-modified
Sun, 14 Jan 2024 15:05:15 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.184877,VS0,VE70
via
1.1 33aa60037dccf2345c8ade9dffbf1192.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
952
x-amz-cf-pop
JFK50-P2
server
CloudFront
01hkqgsecchpyrbjstss.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4378,h_2462,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
372 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_4378,h_2462,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01hkqgsecchpyrbjstss.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a2c699b8dad2cde8aa217c1a8f54492504bc0c2a9dbd091d4da1abe47710685e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"dc3697f94375b08a90d2cba0521b4c7a"
surrogate-reporting
width=16,height=9,bytes=372,owidth=4378,oheight=2919,obytes=2297508,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
O6Mq2FIC4StlyCD9Th9jPxnpPymI8Mmr5BWbCiLPrg3BN9MwpnBnwQ==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-lga21948-LGA
x-cache-hits
0
content-disposition
inline; filename="01hkqgsecchpyrbjstss.webp"
access-control-allow-headers
X-Requested-With
last-modified
Sun, 14 Jan 2024 15:05:14 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.184562,VS0,VE155
via
1.1 70b043d52df382dd62760368de89949e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
372
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j9c8wjnpjx85wf6nqg.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4608,h_2592,x_0,y_82/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_4608,h_2592,x_0,y_82/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j9c8wjnpjx85wf6nqg.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b0cd4de1fcf441a55e51ccc5a02625de4a5b83fd474a04d038e50ab3906cbcd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"65a876623d557a82a8fb9da29adf8397"
surrogate-reporting
width=16,height=9,bytes=3420,owidth=4608,oheight=3072,obytes=2481092,ef=(1,14,17,23)
age
618857
x-cache
Hit from cloudfront
x-amz-cf-id
fWTlnLZavCFLgO-oaMRVhOsSLEAsTv6REXyNdVP5oJ9vz9sODxwDXg==
date
Fri, 11 Oct 2024 15:11:42 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000048-IAD
x-cache-hits
0
content-disposition
inline; filename="01j9c8wjnpjx85wf6nqg.webp"
access-control-allow-headers
X-Requested-With
last-modified
Wed, 09 Oct 2024 01:09:08 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1728659502.396200,VS0,VE95
x-orig-request-id
e0b3d4ce14718afdd5d5d6b4846e15b7
via
1.1 f8513f043bb0905bbc74a0542f2b9082.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3420
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j889h15x8yeem8eyjp.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4955,h_2787,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_4955,h_2787,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j889h15x8yeem8eyjp.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6641befd5f63e978bd52db55063ff9535f3c2aac8df8b6b5cc19ccbfba1a7efd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"6c4d89432eb6f3bfe72e8f327a421ac8"
surrogate-reporting
width=16,height=9,bytes=3422,owidth=4955,oheight=3303,obytes=9177690,ef=(1,14,17,23)
age
1477541
x-cache
Hit from cloudfront
x-amz-cf-id
WmnwooNo_89ynA9QT97ISCqP1P1lf1oOJjT1Qi_iquYNKnEKoRYpOA==
date
Tue, 01 Oct 2024 16:40:18 GMT
content-type
image/webp
x-served-by
cache-lga21923-LGA
x-cache-hits
0
content-disposition
inline; filename="01j889h15x8yeem8eyjp.webp"
access-control-allow-headers
X-Requested-With
last-modified
Mon, 23 Sep 2024 20:11:52 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1727800819.730974,VS0,VE166
x-orig-request-id
6578598e25fb94e24cf32658ededc84c
via
1.1 0682f7730795782bcea4e80a73e52dc0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3422
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j713fpnvstn30e6vmd.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_6840,h_3847,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_6840,h_3847,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j713fpnvstn30e6vmd.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8570c24c068626bb6adec27a0dcc06c13fcd747fa78225c16f76166e868a0843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-request-id
64190291d5c34da6a0624d2786df550e
etag
"4a0e7d5eb4a664eaccb08a0695796ccd"
surrogate-reporting
width=16,height=9,bytes=3422,owidth=6840,oheight=4560,obytes=4737686,ef=(1,14,17,23)
age
2830422
status
200 OK
x-cache
Hit from cloudfront
x-amz-cf-id
1q8uuUcWmJxi_McJaophwJeEGXbaq3IQuadtNvut0WLDO4gEfzC8SQ==
date
Mon, 16 Sep 2024 00:52:17 GMT
content-type
image/webp
content-disposition
inline; filename="01j713fpnvstn30e6vmd.webp"
x-served-by
cache-iad-kjyo7100082-IAD
last-modified
Mon, 16 Sep 2024 00:52:18 GMT
access-control-allow-headers
X-Requested-With
x-cache-hits
0
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1726447935.468888,VS0,VE2319
via
1.1 46a0017ecef439253017ac2cc1624646.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3422
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j65rpe89hmq27cjtjd.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_6521,h_3668,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
3 KB
4 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_6521,h_3668,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j65rpe89hmq27cjtjd.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6b366b7b90a12c3c82ff55e42e8a02a5267c7a8bf57a4a6812c81a88ed8aecca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"15cb119309e7ce8e0a4bcab4a2b48223"
surrogate-reporting
width=16,height=9,bytes=3538,owidth=6521,oheight=4349,obytes=5076331,ef=(1,13,17,23)
age
3885643
x-cache
Hit from cloudfront
x-amz-cf-id
_zd-SvAMixSE8pK0XwYOJKq32x3lke5MMyuTP50TOZGMqokzTuDjDA==
date
Tue, 03 Sep 2024 19:45:16 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000056-IAD
x-cache-hits
0
content-disposition
inline; filename="01j65rpe89hmq27cjtjd.webp"
access-control-allow-headers
X-Requested-With
last-modified
Wed, 28 Aug 2024 04:25:18 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1725392716.387109,VS0,VE126
x-orig-request-id
04fedc6e8f554fa02ffe8eaba6dc6f4d
via
1.1 e2cb9339c523d170f53dc64537b22e10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3538
x-amz-cf-pop
JFK50-P2
server
CloudFront
01j1wrbvrrzktcpgt5vd.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3794,h_2134,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
394 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3794,h_2134,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01j1wrbvrrzktcpgt5vd.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3941f58e8f999233c95dc58a0500eaad4aeb5006b0e7cda21bfee9f569342f38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"4e5b3b03d13c42ec6bd19a9884d33121"
surrogate-reporting
width=16,height=9,bytes=394,owidth=3794,oheight=2529,obytes=7553878,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
P1VVWmPVA3pVk1u7gmTNC_09i5DUXoDltyR_xXeD_5v9R5vNV7wAWQ==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100035-IAD
x-cache-hits
0
content-disposition
inline; filename="01j1wrbvrrzktcpgt5vd.webp"
access-control-allow-headers
X-Requested-With
last-modified
Fri, 05 Jul 2024 22:27:08 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.333901,VS0,VE60
x-orig-request-id
b5b20632be38d25cba4bd22452703467
via
1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
394
x-amz-cf-pop
JFK50-P2
server
CloudFront
01hzqcf58f237q6vdh3s.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_3600,h_2025,x_0,y_96/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
378 B
1 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_3600,h_2025,x_0,y_96/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01hzqcf58f237q6vdh3s.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a82d87f8daf32c8ed879ffacb97ad32adbd563e9f63356c8a62f5ccc29ad33a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"ce55a39e84b115cfa08c1c56393712d2"
surrogate-reporting
width=16,height=9,bytes=378,owidth=3600,oheight=2400,obytes=5409899,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
Fa7d_9kNHFraMDbcpaAysIuRCoeeR0Sz2rNFL8KiX_5XdhJYfiByAg==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000123-IAD
x-cache-hits
0
content-disposition
inline; filename="01hzqcf58f237q6vdh3s.webp"
access-control-allow-headers
X-Requested-With
last-modified
Tue, 11 Jun 2024 03:55:15 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.184025,VS0,VE100
via
1.1 b63906e2da6fa6b0ef48be29690d7a98.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
378
x-amz-cf-pop
JFK50-P2
server
CloudFront
01hz7tzfdpfq9bhttmh0.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5055,h_2843,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
954 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_5055,h_2843,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01hz7tzfdpfq9bhttmh0.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
638f7ab715bb0b6ab0a41612423fe0bf7dedc65ba83ded228b76f8187dfaa02b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"fee929d796766dc1dc1c830e2b6acba5"
surrogate-reporting
width=16,height=9,bytes=954,owidth=5055,oheight=3370,obytes=2711497,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
z5UQeQ50vF2RhSR3W3VoG3NqOT7Jr5tfoZHjcrsBCqdZsP_OaNLABg==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000176-IAD
x-cache-hits
0
content-disposition
inline; filename="01hz7tzfdpfq9bhttmh0.webp"
access-control-allow-headers
X-Requested-With
last-modified
Mon, 10 Jun 2024 18:58:49 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.189360,VS0,VE106
via
1.1 8a5a55219dfdbca831a0a40e05aaa842.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
954
x-amz-cf-pop
JFK50-P2
server
CloudFront
01hyzwkc9yd1j372fz12.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_7825,h_4401,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/
912 B
2 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_7825,h_4401,x_0,y_0/c_fill,w_16,ar_16:9,f_auto,q_auto,g_auto/images/GettyImages/mmsport/12up_en_international_web/01hyzwkc9yd1j372fz12.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f243c381950fc23d9e7c6ffbbece434c0aaf034f9dc657daaf66039f5b4a13b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"c0089d632f570e8530d8fa6695177786"
surrogate-reporting
width=16,height=9,bytes=912,owidth=7825,oheight=5217,obytes=7553476,ef=(1,13,17,23)
age
5015341
x-cache
Hit from cloudfront
x-amz-cf-id
GuFvqSM5YFq8nUhpKmRaLgPKa_iaSR_Wjl52OdE4Z_dYktIORW7pcQ==
date
Wed, 21 Aug 2024 17:56:58 GMT
content-type
image/webp
x-served-by
cache-lga21932-LGA
x-cache-hits
0
content-disposition
inline; filename="01hyzwkc9yd1j372fz12.webp"
access-control-allow-headers
X-Requested-With
last-modified
Wed, 05 Jun 2024 16:18:30 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724263018.190593,VS0,VE133
via
1.1 b63906e2da6fa6b0ef48be29690d7a98.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
912
x-amz-cf-pop
JFK50-P2
server
CloudFront
images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j975hx851bjn6hv6eh.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4676,h_2630,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/
11 KB
11 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_4676,h_2630,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j975hx851bjn6hv6eh.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d15fd404241f93920bfa1548ad3aefdfb119acd347d6679ed5825276a1af33ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"2de5672476be9eb10949ff72dda0370e"
surrogate-reporting
width=360,height=203,bytes=11002,owidth=4676,oheight=3117,obytes=2499883,ef=(1,14,17,23)
age
615974
x-cache
Hit from cloudfront
x-amz-cf-id
2kvDvPbl382H4qtDHUwPWGdsiJ4v8SuGbQRTOun04FvZ2OoQivnDbQ==
date
Fri, 11 Oct 2024 15:59:45 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000054-IAD
x-cache-hits
0
content-disposition
inline; filename="01j975hx851bjn6hv6eh.webp"
access-control-allow-headers
X-Requested-With
last-modified
Wed, 02 Oct 2024 18:05:48 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1728662385.983418,VS0,VE50
x-orig-request-id
428aaa31b8dc9eeb6b8d7dca99e06927
via
1.1 b30e8d5c8b76c102ed260379b18e1d52.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11002
x-amz-cf-pop
JFK50-P2
server
CloudFront
images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j9m3h9ysq14rfwctea.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_5463,h_3072,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/
15 KB
15 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_5463,h_3072,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j9m3h9ysq14rfwctea.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
276634df2494ff8b95a18c3496e2ee12d0c247a4680e8872edd29ad56c648526

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-request-id
a0ce25476917e0dad59aefefa4491c90
etag
"cac80efc54d70a387f2efeee1b06976f"
surrogate-reporting
width=360,height=203,bytes=15086,owidth=5463,oheight=3642,obytes=3745560,ef=(1,14,17,23)
age
264843
status
200 OK
x-cache
Hit from cloudfront
x-amz-cf-id
erg3jIJ2qPrNgXW_WsTKOWtVlh4GKT0M1IbG8i2axdgFVfFV1SB4Dw==
date
Tue, 15 Oct 2024 17:31:55 GMT
content-type
image/webp
content-disposition
inline; filename="01j9m3h9ysq14rfwctea.webp"
x-served-by
cache-lga21941-LGA
last-modified
Mon, 07 Oct 2024 18:28:22 GMT
access-control-allow-headers
X-Requested-With
x-cache-hits
1
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1729013516.972503,VS0,VE1
via
1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
15086
x-amz-cf-pop
JFK50-P2
server
CloudFront
images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j9pr3q06rnrdffsy14.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_6515,h_3664,x_0,y_43/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/
12 KB
12 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_6515,h_3664,x_0,y_43/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j9pr3q06rnrdffsy14.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
783cdac7c78da290d95cb9df2bbc75504528d7f73d506c1f7af8aa795a839448

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"5cc1ce7ce345b95460e5f9ff42fe1a30"
surrogate-reporting
width=360,height=203,bytes=11788,owidth=6515,oheight=4345,obytes=4574411,ef=(1,14,17,23)
age
104628
x-cache
Hit from cloudfront
x-amz-cf-id
3n6TKSo89Yk5ASODPEBkQ0CsNY97ihX7VN0jFIWyPDWPzaMDbRvaYg==
date
Thu, 17 Oct 2024 14:02:11 GMT
content-type
image/webp
x-served-by
cache-lga21970-LGA
x-cache-hits
0
content-disposition
inline; filename="01j9pr3q06rnrdffsy14.webp"
access-control-allow-headers
X-Requested-With
last-modified
Tue, 08 Oct 2024 19:14:40 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1729173731.145637,VS0,VE2
x-orig-request-id
a97d8534ff30c42a385fc0d866e877b7
via
1.1 7f211c0cbc2233e773b715bc4f4a435c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11788
x-amz-cf-pop
JFK50-P2
server
CloudFront
images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j9rwcame2rca5ab888.jpg
images2.minutemediacdn.com/image/upload/c_crop,w_4457,h_2507,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/
15 KB
16 KB
Image
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_crop,w_4457,h_2507,x_0,y_0/c_fill,w_360,ar_16:9,f_auto,q_auto,g_auto/images%2FGettyImages%2Fmmsport%2F12up_en_international_web%2F01j9rwcame2rca5ab888.jpg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
69a04d963ab81b5e0664d7573c020eb76d19d3c9c99ac883b31407f913bccdbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"fee825064d8ca125dd63c36405ef7462"
surrogate-reporting
width=360,height=203,bytes=15310,owidth=4457,oheight=3000,obytes=2865372,ef=(1,14,17,23)
age
16287
x-cache
Hit from cloudfront
x-amz-cf-id
9WrpfAbsi56iCpCs1FMems0yvN6JWWneBT3pbZIhBOs6VRNuzW_eYw==
date
Fri, 18 Oct 2024 14:34:32 GMT
content-type
image/webp
x-served-by
cache-lga21960-LGA
x-cache-hits
0
content-disposition
inline; filename="01j9rwcame2rca5ab888.webp"
access-control-allow-headers
X-Requested-With
last-modified
Wed, 09 Oct 2024 15:06:54 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1729262072.470519,VS0,VE2
x-orig-request-id
d7aeb1a4185c5694447e9daad1779504
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
15310
x-amz-cf-pop
JFK50-P2
server
CloudFront
widget.js
cdn.userway.org/
2 KB
2 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"59cd386971c343740f4693f3c7ca2f77"
age
394
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
beZl-73T3Yk9xCGRfKDn0C0T5RjamWmJivDflxsv5Cmml2vzAIHHlQ==
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:48 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d0613cfb757b597b11267b3775628
x-77-nzt
EgwBT3/O6QH3IQUAAAwBnJI76AG3xAIAAA
cache-control
max-age=3600, public
via
1.1 5fa457dda68a5020725d371f051783e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
1313
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
262 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QNYDBQ002V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCW5HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2af998a09e715d8766b8ba01a9b32069d9b5794cf0c520d412f2e1930c5345aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 19:05:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94182
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
227 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=130, rtx=0, c=24, mss=1232, tbw=8191, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
nD9h79zuAABhag6aOXmJFlXldO+o8XkPv9XH9Tyq2rjnLTjn/hZ6sDIxxj6boJZfei9FaDy+UtEe0J3d5YcbZQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59352
x-xss-protection
0
origin-agent-cluster
?1
124578X1601916.skimlinks.js
s.skimresources.com/js/
61 KB
22 KB
Script
General
Full URL
https://s.skimresources.com/js/124578X1601916.skimlinks.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Skimlinks V9.0 /
Resource Hash
82eb7a6137dc9f08032d69704dca80785b661b17bce5f2e335a40db19ca391ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
public, max-age=3600
content-encoding
gzip
x-amz-version-id
_wsPppKLkgr2LTsRvuCrcbiSfDocBPgM
etag
"7de8bd464e15bfa363c7e0a55f9fe483"
accept-ranges
bytes
x-cache
MISS
p3p
policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
22270
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
text/javascript
x-served-by
cache-lax-kwhp1940123-LAX
server
Skimlinks V9.0
x-cache-hits
0
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.12up.com%2F&domain=www.12up.com&cw=1&lsw=1&us_privacy=1YNN&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.12up.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.12up.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 19:05:58 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
198000
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.12up.com%2F&domain=www.12up.com&cw=1&lsw=1&us_privacy=1YNN&gdpr=0
  • https://mug.criteo.com/sid?cpp=jAI8eXxkeEMzVVpTRTFHNUpIdDd2cU9SdUUvQjFoNUN0TldqSXFDMlBCSEVWYU15Yjk5ZVcremZOVGw0NVNOenZxMEVqMmlDUDh2RzM1amYrTTBsczhPZWtLUjd2RjBrMlR1cTJBQTlGTzdPWEJsa1JvemRSalN1MmN1Yl...
370 B
929 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=jAI8eXxkeEMzVVpTRTFHNUpIdDd2cU9SdUUvQjFoNUN0TldqSXFDMlBCSEVWYU15Yjk5ZVcremZOVGw0NVNOenZxMEVqMmlDUDh2RzM1amYrTTBsczhPZWtLUjd2RjBrMlR1cTJBQTlGTzdPWEJsa1JvemRSalN1MmN1YlMxMUlFZGk2MHNhZm5oTUp4WXFJVEludlhCdTdFQVJmRHNQYkFhMVhwS1RqY1Irc2h4bmpzUzE4MU0wM0tLeGJzWlhydzJGY0xhcytVUWVaMkhRVG9YL1RQSjUvRTJzQWdwbEkwOHMrZ2xjSUZIMHdTSEJHN3JTRFZUOVkxYzV2SXMyTG15amdEZ1NRU1ZuVU82UXJhYklrZDgvaU82UT09fA&cppv=2
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e42d59449e68b571d4ef54deab04b0b283ef38e4b1b5be91d3bf5f661e1f716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
462198
expires
0
access-control-allow-origin
null
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=jAI8eXxkeEMzVVpTRTFHNUpIdDd2cU9SdUUvQjFoNUN0TldqSXFDMlBCSEVWYU15Yjk5ZVcremZOVGw0NVNOenZxMEVqMmlDUDh2RzM1amYrTTBsczhPZWtLUjd2RjBrMlR1cTJBQTlGTzdPWEJsa1JvemRSalN1MmN1YlMxMUlFZGk2MHNhZm5oTUp4WXFJVEludlhCdTdFQVJmRHNQYkFhMVhwS1RqY1Irc2h4bmpzUzE4MU0wM0tLeGJzWlhydzJGY0xhcytVUWVaMkhRVG9YL1RQSjUvRTJzQWdwbEkwOHMrZ2xjSUZIMHdTSEJHN3JTRFZUOVkxYzV2SXMyTG15amdEZ1NRU1ZuVU82UXJhYklrZDgvaU82UT09fA&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
279275
expires
0
access-control-allow-origin
https://www.12up.com
content-length
0
date
Fri, 18 Oct 2024 19:05:59 GMT
server
Kestrel
prebid
id5-sync.com/api/config/
195 B
662 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
3520ab6871aac9ce5c67a2f3f8e9b5a312f76a79130e52c387a10c5c56b0cbbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.12up.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
ui-cpra.b2a3c17a678ea7062d171089b67919517c588d58.js
sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/
164 KB
37 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/ui-cpra.b2a3c17a678ea7062d171089b67919517c588d58.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.96.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-40.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf21b39e6f44f41ef2844c94b4fe36999b0a19f430fbbc37676a8508c478e80c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"f770bece06ca464c0c2fabc6e8cb1ef8-1"
age
295255
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
WV5gdWIZhCF4IagABBT1TGFqpfP_OVoHzEFl9YYTqOWlcaqIqu-MMQ==
date
Tue, 15 Oct 2024 09:05:05 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 15 Oct 2024 09:01:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
bid
aax.amazon-adsystem.com/e/dtb/
64 B
414 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fwww.12up.com%2F&pid=MSJu3JPz4VvZr&cb=0&ws=1600x1200&v=24.819.1704&t=2500&slots=%5B%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Fsidebar1____no-slot____7_p1_1_a9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Fsidebar1%22%7D%2C%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Fsidebar1____no-slot____8_p1_1_a9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Fsidebar1%22%7D%2C%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Fsidebar2____no-slot____9_p1_1_a9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Fsidebar2%22%7D%2C%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Fsidebar2____no-slot____10_p1_1_a9%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Fsidebar2%22%7D%2C%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Ftop_d____no-slot____11_p1_1_a9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Ftop_d%22%7D%2C%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Ftop_d____no-slot____12_p1_1_a9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Ftop_d%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=4264e5e5-2eb5-400f-bf7c-62c1c0f1ab37&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.108.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-108-113.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.12up.com
x-cache
Miss from cloudfront
content-length
84
x-amz-cf-id
HXqT3ZgB2tTRKCPvgMF9aL0UL9ox3Eg-WyW40o5DJBo5tQgyOw5ULg==
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK50-P6
server
Server
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/39474863-a748-40f1-9018-27d1ee3c474c/
12 KB
3 KB
Script
General
Full URL
https://launchpad-wrapper.privacymanager.io/39474863-a748-40f1-9018-27d1ee3c474c/launchpad-liveramp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1864c515cb8d27edeeb06d1c47b0eac409d3611d6d979efb9e38c66c2484e01a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
x-amz-version-id
6IIMIgDAOpo3GDT6YNylrbTHNZvzX7pI
etag
W/"8889243b46347876dc5fb4ad3d75e93b"
age
40325
x-cache
Hit from cloudfront
x-amz-cf-id
pctZx1o-HeQ00pdpXvDd0ktB8tvf_pvUpfm5oQU1AO-y9VhnfMewjw==
date
Fri, 18 Oct 2024 07:53:55 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 01 Jul 2024 14:04:14 GMT
content-disposition
attachment; filename="launchpad-liveramp.js"
x-amz-replication-status
COMPLETED
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Fri, 18 Oct 2024 19:20:59 GMT
accept-ranges
bytes
content-length
17407
date
Fri, 18 Oct 2024 19:05:59 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"ad78eaf46246cac6849005eb8b50ae6f"
age
37853
via
1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
S1B9uL-BiZEg9peyFExqUYDiT5TyYnrUUlCWzIOTowk755oiqDgrcw==
date
Fri, 18 Oct 2024 08:35:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.12up.com%2F&ref=&_it=amazon&partner_id=454
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
public, max-age=432000
content-encoding
br
cf-bgj
minify
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
age
16
cf-cache-status
HIT
x-amz-request-id
4GNMNHQXA94JVW78
expires
Wed, 23 Oct 2024 19:05:59 GMT
cf-ray
8d4acd93cbdb7d80-LAX
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"38c0-5e92054540ea5-gzip"
expires
Fri, 18 Oct 2024 19:20:59 GMT
accept-ranges
bytes
content-length
5252
date
Fri, 18 Oct 2024 19:05:59 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QNYDBQ002V&gtm=45je4ah0v887183436z872382166za200zb72382166&_p=1729278358243&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101686685&cid=348420887.1729278360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.12up.com%2F&dt=24%2F7%20Sports%20News%2C%20Opinions%20and%20Videos&dr=&sid=1729278359&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.sample_rate=100&ep.page_language=en&ep.page_type=HomePage&ep.distribution_channels=none%2C&ep.anonimized=false&ep.traffic_source_to_dfp=Direct&ep.traffic_id_to_dfp=&ep.affiliate_id_hit=&ep.is_article_infinite_scroll_page=false&epn.number_of_article_on_page=1&ep.player_ownership=O%26O&ep.experiment_version_hit=&ep.maxmind_geo_detected_hit=US&epn.unique_event_id_hit=10&ep.post_fs_site_id=12up_en_international_web&ep.post_vertical=unknown&ep.anonymizeIp=true&ep.cookieFlags=samesite%3Dnone%3Bsecure&ep.platform=desktop&ep.article_template=none&ep.is_slideshow=false&ep.finite_scroll_data_exists=false&ep.mm_user_identifier=XX8tL2Z5XfK1nOJg&ep.userid_hit=XX8tL2Z5XfK1nOJg&ep.GTM_event_trigger=GTM%20data%20ready%20to%20GA&ep.property=12up_en_international_web&ep.mmSessionID=Xx6byffcrphuI4DK&ep.mmUserID=XX8tL2Z5XfK1nOJg&ep.custom_timestamp=2024-10-18T19%3A05%3A59.436Z&ep.state=none&ep.GTM_container_name=Minute%20Media&up.affiliate_id_user=&up.experiment_version_user=&up.property=12up.com&up.mmUserID=XX8tL2Z5XfK1nOJg&up.geo_detected_user=US&tfd=3723
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QNYDBQ002V&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.12up.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
text/plain
server
Golfe2
hadron.json
id.hadron.ad.gt/v1/
118 B
298 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=www.12up.com&url=https://www.12up.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.12up.com%2F&ref=&_it=amazon&partner_id=454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29a15fb002504a605694c95d51fdd0fc45a10bbc0218a507e60a51657adef29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.12up.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
debug
NON-OPTIONS
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials
true
cf-ray
8d4acd95f84e0fe7-LAX
access-control-allow-origin
*
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
authorization,content-type
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=454&sync=0&domain=www.12up.com&url=https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.12up.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
8d4acd956fb90fe7-LAX
content-length
0
content-type
application/json
date
Fri, 18 Oct 2024 19:05:59 GMT
debug
OPTIONS block
server
cloudflare
739763452834773
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/739763452834773?v=2.9.172&r=stable&domain=www.12up.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
d43f69b9bd57c2cb6ccf25144b75357de90eef762f802810dfaa80f9a5d10e59
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=130, rtx=0, c=77, mss=1232, tbw=71315, tp=69, tpl=0, uplat=79, ullat=0
pragma
public
x-fb-debug
z0Q+7I0HB3BDgCTQcjweqVWYWzVPq65ZdI9LbNXjIV5EwvYGuh6cqruxww4JuQcVXTgHzUonP7dc3doQFIDehg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
widget_app_base_1728401297040.js
cdn.userway.org/widgetapp/2024-10-08-15-28-17/
126 KB
39 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.12up.com
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"5afeaac7e2e18a97518efd0a8a1bb1fe"
age
393
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
gfJ9zHOsXK_sODahSo-DqnClw7qSpGe9TrxI8RikHTwP1sWsPvPJDw==
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:35 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061307cbc3cc98b11267733cbf06
x-77-nzt
EgwBT3/O6QH3v3UEAAwBuTvfFAG3iekIAA
cache-control
max-age=25920000, public
via
1.1 cd1a98ac42a21b663c8fc8cd6f37232e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
292287
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
launchpad.bundle.js
launchpad.privacymanager.io/latest/
156 KB
35 KB
Script
General
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/39474863-a748-40f1-9018-27d1ee3c474c/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-85.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

vary
Accept-Encoding
cache-control
must-revalidate,public,max-age=3600
content-encoding
gzip
x-amz-version-id
x7kWaBLwDEYA0mEqcxe9AkfgcFFlNf6z
etag
W/"21442f2b8d4d10d9b3feb114c12ad42a"
age
2616
via
1.1 7c55514b62254664b7255cfc5da6dc92.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3fY_lr7ME47g95RAEFyByWfZb_66_zYIbmfHhIalWDbF9cyDxJkydw==
date
Fri, 18 Oct 2024 19:03:47 GMT
content-type
application/x-javascript
last-modified
Thu, 19 Sep 2024 12:12:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
map
bcp.crwdcntrl.net/6/
156 B
612 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.119.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-119-146.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8143adc8493aa5b324a245e633fb242a4632d14967c252f080b6215b33e14e9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.12up.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
156
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json;charset=utf-8
x-server
10.40.3.98
server
Jetty(9.4.38.v20210224)
robots.txt
t.skimresources.com/api/v2/ Frame 7DC3
0
123 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4800162151810283
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
text/plain
server
nginx
px.gif
p.skimresources.com/
43 B
267 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=3.7482356636180665
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
image/gif
server
Skimlinks Pixel 1.0
px.gif
p.skimresources.com/
43 B
93 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=3.7482356636180665
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
43
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
image/gif
server
Skimlinks Pixel 1.0
/
r.skimresources.com/api/
176 B
380 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1601916.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
a45d19ccddd46756c70371821d1a74b627fe0628021c8c9a851d821fbbe1f09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.12up.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
vary
Accept-Encoding
server
openresty/1.21.4.1
prebid
ib.adnxs.com/ut/v3/
705 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f9ae744f373460644da5751ebd67442444c82d08e419c6e128e5025c3a0a0f07
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.12up.com/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.246; 162.245.206.246; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.12up.com
an-x-request-uuid
c23d98a3-725c-403b-b25f-5ba7f8629b78
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 18 Oct 2024 19:06:00 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
v1
hb-api.omnitagjs.com/hb-api/prebid/
1 KB
1 KB
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.12up.com%2F&PageUrl=https%3A%2F%2Fwww.12up.com%2F&PageReferrer=https%3A%2F%2Fwww.12up.com%2F&CanonicalUrl=https%3A%2F%2Fwww.12up.com%2F
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
a15e071c7f0f3eea048c4da8bcf65f263c5a27cd2ec15b415d29ae6eb367bea7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.12up.com/

Response headers

access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
10
access-control-allow-credentials
true
access-control-allow-origin
https://www.12up.com
content-length
1068
server
ayl-lb-usa02
cdb
bidder.criteo.com/
0
219 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.1&cb=65456838146&lsavail=0
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.12up.com
date
Fri, 18 Oct 2024 19:06:00 GMT
vary
Origin
server
Kestrel
/
www.facebook.com/tr/
0
270 B
Image
General
Full URL
https://www.facebook.com/tr/?id=739763452834773&ev=PageView&dl=https%3A%2F%2Fwww.12up.com%2F&rl=&if=false&ts=1729278360011&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729278360004.275128335197394111&ler=empty&cdl=API_unavailable&it=1729278359758&coo=false&rqm=GET
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=130, rtx=0, c=10, mss=1297, tbw=2970, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=739763452834773&ev=PageView&dl=https%3A%2F%2Fwww.12up.com%2F&rl=&if=false&ts=1729278360011&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729278360004.275128335197394111&ler=empty&cdl=API_unavailable&it=1729278359758&coo=false&rqm=FGET
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427194002223505707"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
KjpeaDTVwnv/Lu9vjg8jFTRRDDzroRjlbEjd4qhh7WIAfG0CCHS09TLR1kFEAgN2N7MVwC2hEHHrOXMDwaGRKA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427194002223505707", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=130, rtx=0, c=10, mss=1297, tbw=3284, tp=-1, tpl=-1, uplat=89, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
v1
lb.eu-1-id5-sync.com/lb/
45 B
284 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
815c6e7ae2d7690a4a286267010e7f5f9db08c536967b5954a84f16fede27b09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.12up.com
date
Fri, 18 Oct 2024 19:05:59 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"c4b6-5e920545406d3-gzip"
expires
Fri, 18 Oct 2024 19:21:00 GMT
accept-ranges
bytes
content-length
17042
date
Fri, 18 Oct 2024 19:06:00 GMT
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
454
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/454?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f347fcf1830964ef689cd561b92a8c3644507abe2731a00c40c3e4fdfbd5d1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
285
cross-origin-resource-policy
cross-origin
cf-ray
8d4acd9779fa7ecb-LAX
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 18:56:36 GMT
vary
Accept-Encoding
server
cloudflare
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=jAI8eXxkeEMzVVpTRTFHNUpIdDd2cU9SdUUvQjFoNUN0TldqSXFDMlBCSEVWYU15Yjk5ZVcremZOVGw0NVNOenZxMEVqMmlDUDh2RzM1amYrTTBsczhPZWtLUjd2RjBrMlR1cTJBQTlGTzdPWEJsa1JvemRSalN1MmN1YlMxMUlFZGk2MHNhZm5oTUp4WXFJVEludlhCdTdFQVJmRHNQYkFhMVhwS1RqY1Irc2h4bmpzUzE4MU0wM0tLeGJzWlhydzJGY0xhcytVUWVaMkhRVG9YL1RQSjUvRTJzQWdwbEkwOHMrZ2xjSUZIMHdTSEJHN3JTRFZUOVkxYzV2SXMyTG15amdEZ1NRU1ZuVU82UXJhYklrZDgvaU82UT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Oct 2024 19:05:59 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205908
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
r.skimresources.com/api/
176 B
205 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1601916.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
a45d19ccddd46756c70371821d1a74b627fe0628021c8c9a851d821fbbe1f09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.12up.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
vary
Accept-Encoding
server
openresty/1.21.4.1
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
461 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1451:20::1780 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=1800
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials
true
expires
Fri, 18 Oct 2024 19:36:00 GMT
access-control-allow-origin
https://www.12up.com
content-length
190
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
vary
Origin
server
nginx
454
p.ad.gt/api/v1/p/
55 KB
19 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/454
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/454?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b089cfcd4c5a86666fd5dff409063900fc5561279cd9210939540536ac859290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
70
cf-ray
8d4acd991a182b55-LAX
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 19:02:45 GMT
vary
Accept-Encoding
server
cloudflare
halo_match
ids.ad.gt/api/v1/
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&halo_id=060ixe7ju6a65hicigj8bhbjf8jdl7a9lieuom2wi0e0ysuiuqw4gsgwo4wk02e60
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
image/gif
server
nginx/1.27.1
ip_match
ids.ad.gt/api/v1/
0
192 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-length
0
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
text/html; charset=utf-8
server
nginx/1.27.1
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001729278360-DM1T0PRL-WK97%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&adnxs_id=6661636663103257195&gdpr=0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&adnxs_id=6661636663103257195&gdpr=0
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-store, no-cache, private
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&adnxs_id=6661636663103257195&gdpr=0
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.246; 162.245.206.246; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
ead9b783-3b68-4513-bdc8-9d0662542a4d
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 18 Oct 2024 19:06:00 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729278360-DM1T0PRL-WK97&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729278360-DM1T0PRL-WK97&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=3ee03992-b92f-40fb-be85-11316988fb5d&id=AU1D-0100-001729278360-DM1T0PRL-WK97
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=3ee03992-b92f-40fb-be85-11316988fb5d&id=AU1D-0100-001729278360-DM1T0PRL-WK97
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=3ee03992-b92f-40fb-be85-11316988fb5d&id=AU1D-0100-001729278360-DM1T0PRL-WK97
content-length
259
date
Fri, 18 Oct 2024 19:06:00 GMT
server
Kestrel
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729278360-DM1T0PRL-WK97
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729278360-DM1T0PRL-WK97
  • https://ids.ad.gt/api/v1/pbm_match?pbm=DF4C1C46-AA07-4F00-9C4E-A33A6E4442E7&id=AU1D-0100-001729278360-DM1T0PRL-WK97
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=DF4C1C46-AA07-4F00-9C4E-A33A6E4442E7&id=AU1D-0100-001729278360-DM1T0PRL-WK97
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-store, no-cache, private
location
https://ids.ad.gt/api/v1/pbm_match?pbm=DF4C1C46-AA07-4F00-9C4E-A33A6E4442E7&id=AU1D-0100-001729278360-DM1T0PRL-WK97
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Oct 2024 19:05:59 GMT
server
nginx
token
token.rubiconproject.com/
0
1 KB
Image
General
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729278360-DM1T0PRL-WK97&gdpr=0
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
91c229169a155ea648dbc4d59ef8a3c5
Pragma
no-cache
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729278360-DM1T0PRL-WK97&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729278360...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729278360-DM1T0PRL-WK97&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cb34bcb3-c125-4be6-9642-b4e00a62730f%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3ee03992-b92f-40fb-be85-11316988fb5d&ttd_puid=cb34bcb3-c125-4be6-9642-b4e00a62730f%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&tapad_id=cb34bcb3-c125-4be6-9642-b4e00a62730f
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&tapad_id=cb34bcb3-c125-4be6-9642-b4e00a62730f
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

strict-transport-security
max-age=31536000
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&tapad_id=cb34bcb3-c125-4be6-9642-b4e00a62730f
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Fri, 18 Oct 2024 19:06:00 GMT
server
Jetty(11.0.13)
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729278360-DM1T0PRL-WK97
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001729278360-DM1T0PRL-WK97&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&google_error=15
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&google_error=15
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&google_error=15
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
date
Fri, 18 Oct 2024 19:06:00 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729278360-DM1T0PRL-WK97
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTI3ODM2MC1ETTFUMFBSTC1XSzk3
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTI3ODM2MC1ETTFUMFBSTC1XSzk3&google_tc=
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTI3ODM2MC1ETTFUMFBSTC1XSzk3&google_tc=
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Fri, 18 Oct 2024 19:06:00 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTI3ODM2MC1ETTFUMFBSTC1XSzk3&google_tc=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
345
date
Fri, 18 Oct 2024 19:06:00 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
ebfa23da174faa55634171c5e49d0152.gif
sync.colossusssp.com/
0
202 B
Image
General
Full URL
https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001729278360-DM1T0PRL-WK97&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001729278360-DM1T0PRL-WK97
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.108 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Date
Fri, 18 Oct 2024 19:06:00 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
0
sync.1rx.io/usersync/audigent/
0
99 B
Image
General
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001729278360-DM1T0PRL-WK97%26unruly_id%3D%5BRX_UUID%5D
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Fri, 18 Oct 2024 19:06:06 GMT
pragma
no-cache
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729278360-DM1T0PRL-WK97
  • https://ids.ad.gt/api/v1/ppnt_match?uid=jwGGBDPmKfvY&ev=1&pid=562316&id=AU1D-0100-001729278360-DM1T0PRL-WK97
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=jwGGBDPmKfvY&ev=1&pid=562316&id=AU1D-0100-001729278360-DM1T0PRL-WK97
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://ids.ad.gt/api/v1/ppnt_match?uid=jwGGBDPmKfvY&ev=1&pid=562316&id=AU1D-0100-001729278360-DM1T0PRL-WK97
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-5bdc7dc56b-kf9jk
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
server
Jetty(10.0.14)
page
t.skimresources.com/api/v2/
22 B
348 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/124578X1601916.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.12up.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://www.12up.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
text/plain; charset=utf-8, application/javascript
server
Python/3.11 aiohttp/3.8.6
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
p0xG3SZhEr
api.userway.org/api/tunings/
2 KB
2 KB
XHR
General
Full URL
https://api.userway.org/api/tunings/p0xG3SZhEr
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:5692:bcde:179:4a32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3db21afcae9e63b21aefe9806020b94b92fed43dfec55b50849caff7a138c1f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
x-service-request-id
usr9b3605389efe489
etag
W/"6d1-0QZiGskjYRsnpI91RfMqI15hq98"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
1745
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json; charset=utf-8
x-service-version
uw-pr
access-control-allow-headers
*
/
geo.privacymanager.io/
30 B
625 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
df790197e64683df0e6a96ff423dc23bd96010b5aa6bee119c148b70f6dc33ca

Request headers

Referer
https://www.12up.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-amz-apigw-id
f2YFtFP6DoEEQ0w=
age
17474
x-amzn-trace-id
Root=1-67126d57-7472b8a404b2b3a53637c536;Parent=33fd197646cd501e;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
f7d2c7f4-8036-4e25-84de-114eca4ded9c
via
1.1 1ffcb4016d0c1224c9505d74a866e6a8.cloudfront.net (CloudFront), 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
30
x-amz-cf-id
TwkUKDHWojFoybQsIGcc9cKs2Ao1ba5CzEygko1eJ-mYi3vpUQhvWQ==
date
Fri, 18 Oct 2024 14:14:47 GMT
content-type
application/json
x-amz-cf-pop
IAD61-P2, EWR53-P1
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.12up.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 18 Oct 2024 19:06:00 GMT
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront), 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
x-amz-apigw-id
f3Cv8En0joEEpZw=
x-amz-cf-id
Kfz0K4ywikfIu9w16xxqXMyPXTLCssVzLoi3g3-QNDddQ5s9KJFW-w==
x-amz-cf-pop
JFK50-P6 EWR53-P1
x-amzn-requestid
e946ca77-9a64-4dbe-82f1-a5326a333c68
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
age
3596
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 20:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 18:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/
265 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b7f0fc303cfb4498c6f2cf45a099fdd35bd7d53e7157a19c447311839e7cc35e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 18 Oct 2024 19:06:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95053
x-xss-protection
0
server
Google Tag Manager
match
seg.ad.gt/api/v2/ Frame
0
0
Preflight
General
Full URL
https://seg.ad.gt/api/v2/match
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.12up.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
allow
POST
cf-cache-status
DYNAMIC
cf-ray
8d4acd9adec6dbe5-LAX
date
Fri, 18 Oct 2024 19:06:00 GMT
server
cloudflare
vary
origin, access-control-request-method, access-control-request-headers
collect
a.ad.gt/api/v1/
0
91 B
XHR
General
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://www.12up.com/

Response headers

cf-ray
8d4acd99cc417ecb-LAX
access-control-allow-origin
https://www.12up.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 19:06:00 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
getpixels
pixels.ad.gt/api/v1/
0
88 B
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=21c4220d63c4c248958ecb71e6658ba2&url=https%3A%2F%2Fwww.12up.com%2F&code=%27none%27
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cf-ray
8d4acd9ae8ae7bf8-LAX
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 19:06:00 GMT
server
cloudflare
match
seg.ad.gt/api/v2/
2 KB
298 B
XHR
General
Full URL
https://seg.ad.gt/api/v2/match
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21219dc6148ff4a0ac627b0edbd14caec1e8d225b75d34d8dd9fd16654f155bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.12up.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8d4acd9b9fa4dbe5-LAX
access-control-allow-origin
*
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers, accept-encoding
server
cloudflare
segments
seg.ad.gt/api/v1/
16 B
134 B
XHR
General
Full URL
https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fwww.12up.com%252F&partner_id=454&tagger_id=21c4220d63c4c248958ecb71e6658ba2&au_id=AU1D-0100-001729278360-DM1T0PRL-WK97
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8d4acd9adec3dbe5-LAX
access-control-allow-origin
https://www.12up.com
content-length
16
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
vary
Origin
server
cloudflare
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 462A
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29415
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 19:00:07 GMT
expires
Fri, 18 Oct 2024 19:50:07 GMT
last-modified
Mon, 14 Oct 2024 19:44:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
902 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age
14987
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230042-FRA, cache-lax-kwhp1940053-LAX
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
439
x-jsd-version
master
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Sat, 19 Oct 2024 19:06:01 GMT
access-control-allow-origin
*
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
12762
x-goog-stored-content-encoding
gzip
expires
Sat, 18 Oct 2025 15:33:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Fri, 18 Oct 2024 15:33:19 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AHmUCY0G_PswZEr73oTB0zhD-QGXZ1snDVJsSUuaz8HitP35x2_cOtlR5W6c2IxKn8x47xdYnbY
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
ob.js
cdn-ima.33across.com/
17 KB
7 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ce3644-43df"
age
162361
cf-ray
8d4acd9caf4c69a9-LAX
expires
Mon, 21 Oct 2024 19:06:01 GMT
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 20:25:40 GMT
vary
Accept-Encoding
server
cloudflare
esp.js
cdn.id5-sync.com/api/1.0/
99 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-amz-id-2
p5Aw4Ngk/j8vbvvHiOBP40a6YuPoMx/diCjNdj5UAjXpU6DN1aJvz0kr606/3m5S4omx7j9Jc1k=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"851c43b3dfc1b13c6814012a69b7a390"
age
3316
x-amz-request-id
X5Q1HB9649X8SPBD
cf-ray
8d4acd9d4ad808dc-LAX
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7db46e1255a018ecf02f47b2c19c26c4"
age
37854
via
1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3D6JznZWQaxY_JAqXuxnZ_zgalLskdx7WnsVwZIepxyp2nve3I-8UQ==
date
Fri, 18 Oct 2024 08:35:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
4 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5000:a:e047:754:afe1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-amz-version-id
0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
ETag
"0537d8d06dd9dfbe911ad6bf6504f4bf"
Age
46707
Connection
keep-alive
Via
1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3181
X-Amz-Cf-Id
j3TCl7R21QvkZJ58TBJf1HKQzDoymupEuBFBw91oyhjdhQ_DY3uEFg==
Date
Fri, 18 Oct 2024 06:07:35 GMT
Content-Type
text/javascript
Last-Modified
Wed, 31 Jul 2024 16:30:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
x-amz-server-side-encryption
AES256
ads
securepubads.g.doubleclick.net/gampad/
767 B
375 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=699439471406442&correlator=4087964400783146&eid=31079956%2C31083340%2C31088186%2C31088242&output=ldjh&gdfp_req=1&vrg=202410100101&ptt=17&impl=fifs&gdpr=0&us_privacy=1YNN&iu_parts=175840252%2C12up%2C12up.com%2Ctop_d&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90&ifi=1&didk=1828506920&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1729278360701&lmt=1729278357&adxs=315&adys=220&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.12up.com%2F&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&td=1&egid=44736&tan=72100d9d-508a-46f7-84df-a96357c3a4da&tdf=2&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcY9PiWiKoySABSAghkEhwKDWNyd2RjbnRybC5uZXQY9PiWiKoySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPT4loiqMkgAUgIIZBIZCgp1aWRhcGkuY29tGPT4loiqMkgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9PiWiKoySABSAghkEhQKBW9wZW54GPT4loiqMkgAUgIIZBIbCgwzM2Fjcm9zcy5jb20Y9PiWiKoySABSAghk&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729278357802&idt=1722&prev_scp=hb_bidder%3DnoBids%26mm_hb_pb%3D0.00%26amznbid%3D2%26amznp%3D2%26pb_bid%3D0.0%26mmdf%3D0%26mm_viewability%3D0.65%26slotid%3D175840252%252F12up%252F12up.com%252Ftop_d%26page_number%3D1%26ad_type%3Ddisplay%26commercial-version%3Dcommercial-wrapper%26slot_position%3D1-1%26page_url%3Dhttps%253A%252F%252Fwww.12up.com%252F%26isRefresh%3D0%26SkinEnable%3Dtrue%26pageType%3DHomePage&cust_params=articleId%3D%26mmUserIdentifier%3D2%26contentTags%3D%26distributionChannels%3D%26commercialTags%3D%26sessionid%3DXx6byffcrphuI4DK%26experiment%3D&adks=3091458793&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js?cb=31088242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ba570e8b52c53393e2a4bdae99ff51c5dc10a749cea9b2f248731417582cc163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
br
google-lineitem-id
-1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.12up.com
content-length
347
x-xss-protection
0
server
cafe
container.html
ab1ed7f8143955b8e254c8d3ceb9ca41.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D868
0
0
Document
General
Full URL
https://ab1ed7f8143955b8e254c8d3ceb9ca41.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js?cb=31088242
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 19:06:01 GMT
expires
Fri, 18 Oct 2024 19:06:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"394d0-60864a57eaadc-gzip"
expires
Fri, 18 Oct 2024 19:21:00 GMT
accept-ranges
bytes
content-length
67550
date
Fri, 18 Oct 2024 19:06:00 GMT
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
/
stats.bqstreamer.com/
2 B
312 B
Ping
General
Full URL
https://stats.bqstreamer.com/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

access-control-max-age
86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dn0HJXo2nYG8gUBT2VgasflcUoJXhgJPvARcYV4OtZTx%2BK7ly9Pad7jFflLJhNcnQ%2FvZnRe2UC8rB38Mv8bWydGJDSgq6KJbKSIwyDcxSZBA01N%2B%2FY2AiAl9GJEazaEGDLSLpyaINe2x7IBB%2FIf%2Bq5z2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8d4acd9ad9d71014-LAX
access-control-allow-origin
*
content-length
2
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
en-US.json
cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/
607 B
942 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"971644f50e2020e1ff22e37edcad46f6"
age
281
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
7Wk6bL5chCLq6Qx1I3QANOYm2oCefVrnnP1-CbLH29s3cRldkNGksw==
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
last-modified
Tue, 08 Oct 2024 15:31:34 GMT
x-77-nzt-ray
f03d061307cbc3cc98b1126701b0e730
vary
Accept-Encoding
x-77-nzt
EgwBT3/O6QH3vnUEAAwBnJI73wG3+ekIAA
cache-control
max-age=25920000, public
via
1.1 16af463a01c5a83f3019835cbbb82152.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
292286
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
1127.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/1127.json
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
53f4bc0f602c941f5ae8fb2164ddee6f83983c9004aac2fcc872f83499268666
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.12up.com
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/
357 B
497 B
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.12up.com%2F&PageUrl=https%3A%2F%2Fwww.12up.com%2F&PageReferrer=https%3A%2F%2Fwww.12up.com%2F&CanonicalUrl=https%3A%2F%2Fwww.12up.com%2F
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
04d19a4933576336de80d6d9817c98c13ff1f98d0d970b9f386e414b9ea0d395
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.12up.com/

Response headers

access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
16
access-control-allow-credentials
true
access-control-allow-origin
https://www.12up.com
content-length
357
server
ayl-lb-usa02
prebid
ib.adnxs.com/ut/v3/
256 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
02f259d7df7cf810f7571ba6fe76416f24e1f2b3467511636975413512f749ec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.12up.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.246; 162.245.206.246; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.12up.com
an-x-request-uuid
ba94574e-aa98-4428-9e89-58c848d4b245
content-length
256
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 18 Oct 2024 19:06:01 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
cdb
bidder.criteo.com/
0
218 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.1&cb=10441076237&lsavail=0
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.12up.com
date
Fri, 18 Oct 2024 19:06:00 GMT
vary
Origin
server
Kestrel
bid
aax.amazon-adsystem.com/e/dtb/
23 B
372 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3777&u=https%3A%2F%2Fwww.12up.com%2F&pid=MSJu3JPz4VvZr&cb=1&ws=1600x1200&v=24.819.1704&t=2500&slots=%5B%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Ftop_d____top_d_1_1_slot0____21_1_a9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Ftop_d%22%7D%2C%7B%22sd%22%3A%22175840252%2F12up%2F12up%28dot%29com%2Ftop_d____top_d_1_1_slot0____22_1_a9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22175840252%2F12up%2F12up.com%2Ftop_d%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&sm=4264e5e5-2eb5-400f-bf7c-62c1c0f1ab37&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060ixe7ju6a65hicigj8bhbjf8jdl7a9lieuom2wi0e0ysuiuqw4gsgwo4wk02e60%22%2C%22id5%22%3A%22ID5*vI_4woIV6RdkGXXLrb3Hl6gSOVAKtQTTHTDlZ9CbLSnPyC3VTRO41nUI45vUEEb4%22%2C%22pubcommon%22%3A%22f14eff70-161e-4de1-b2a9-fe7714681890%22%7D%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.108.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-108-113.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.12up.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
5Z3RdH2TJprVJ9pEwGCzmNHpYOFHZn9yeTxaVrqCs-prC70te4jvmQ==
date
Fri, 18 Oct 2024 19:06:00 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK50-P6
server
Server
join-ad-interest-groups.html
proton.ad.gt/ Frame E4DC
0
0
Document
General
Full URL
https://proton.ad.gt/join-ad-interest-groups.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
ad-auction-allowed
true
age
2364
apigw-requestid
f27Dogf0vHcEPLA=
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8d4acd9d69097cec-LAX
content-encoding
br
content-type
text/html
date
Fri, 18 Oct 2024 19:06:01 GMT
last-modified
Fri, 18 Oct 2024 18:13:30 GMT
server
cloudflare
supports-loading-mode
fenced-frame
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.12up.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.12up.com%2F&rid=esp&cc=1
85 B
192 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.12up.com%2F&rid=esp&cc=1
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
32a5c1f550ac3d96904217255db35c7da1270cf727f5827b6d2052dae92a941b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
W/"55-C1l3ThopQtlV3eFj2Bjy4eeF/1U"
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.12up.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
vary
Origin

Redirect headers

location
/esp?url=https%3A%2F%2Fwww.12up.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.12up.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Oct 2024 19:06:01 GMT
x-powered-by
Express
vary
Origin
remediation_1728401297040.js
cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/
95 KB
27 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/remediation_1728401297040.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fe66f91eae12efca0ac117ae0505e43f25e81f9da5ad13cd2e563bf7fe1508ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.12up.com
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"3b66deb8c3b5ba2c3da9501471856693"
age
392
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
stkT0LpDZ_efpjW0y4TfQOh72eoKF_Z_XNmXr8_bIu_pM0FAsz5W3g==
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:35 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061307cbc3cc99b11267c58f5312
x-77-nzt
EgwBT3/O6QH3vXUEAAwBuTvfFAG3i+kIAA
cache-control
max-age=25920000, public
via
1.1 f54bc880c0d35571a4883f7c10838532.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
292285
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
xiyMWJ4uQw9XMwur.json
cdn.userway.org/remediations/consolidated/3505942/
1 MB
193 KB
XHR
General
Full URL
https://cdn.userway.org/remediations/consolidated/3505942/xiyMWJ4uQw9XMwur.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f121cd64be0220a99970f8822704db033385f36c7cfae93bbee1c28ad64e8df0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"ec7c1228f047a108642c2b16eb3d95d4"
age
352
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
OKxPHX7XL-mIRky4QPgadyj-MhRKTH_hOETZoY-9Hf8ljN-uMOP6rA==
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
application/json
last-modified
Fri, 18 Oct 2024 18:33:50 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061307cbc3cc99b112675a275912
x-77-nzt
EggBT3/O6QFBDAGckjvfAbfDBQAA
cache-control
public, max-age=31536000
via
1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
1475
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
widget_base.css
cdn.userway.org/styles/2024-10-08-15-28-17/
30 KB
5 KB
Stylesheet
General
Full URL
https://cdn.userway.org/styles/2024-10-08-15-28-17/widget_base.css?v=1728401297040
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"fa9ef3811ff36e9e81b054c454f9365f"
age
392
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
h2YKRLwuveHufea2ShueDLS6Ba4oBaafg4atkgpfGt1CD8t046qhDw==
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
text/css
last-modified
Tue, 08 Oct 2024 15:30:57 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d0613cfb757b599b112676682ae12
x-77-nzt
EgwBT3/O6QH3RzAAAAwBWbuxDAG3iukIAA
cache-control
max-age=864000, public
via
1.1 af81a253e57ed5b111fa0052bfc87f2e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
12359
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
event
p.ad.gt/api/v1/
0
34 B
XHR
General
Full URL
https://p.ad.gt/api/v1/event
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.12up.com/

Response headers

cf-ray
8d4acd9fabeedb66-LAX
access-control-allow-origin
https://www.12up.com
cf-cache-status
DYNAMIC
date
Fri, 18 Oct 2024 19:06:01 GMT
vary
Origin
server
cloudflare
access-control-allow-credentials
true
event
p.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://p.ad.gt/api/v1/event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.12up.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.12up.com
allow
OPTIONS, POST
cf-cache-status
DYNAMIC
cf-ray
8d4acd9eeb38db66-LAX
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 18 Oct 2024 19:06:01 GMT
server
cloudflare
vary
Origin
increment
id5-sync.com/api/esp/
0
228 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.12up.com
date
Fri, 18 Oct 2024 19:06:01 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
syncframe
gum.criteo.com/ Frame C316
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.12up.com&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 19:06:00 GMT
server
Kestrel
server-processing-duration-in-ticks
750887
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
body_wh.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
suPkBZ0qzdeEyo2CqCPuWg_pfErkmvPpeU2vsA1Ub2pmR-IGrWc0SA==
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
image/svg+xml
x-77-nzt-ray
f03d0613cfb757b599b112670a8d391d
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 15:31:36 GMT
x-77-nzt
EgwBT3/O6QH3vnUEAAwBnJI76AG3i+kIAA
cache-control
max-age=25920000, public
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
292286
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.12up.com
URL: https://www.12up.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
W9T_Spg6u9nRIoKY-5aPb85Brm9eH5v6gGklRvBI64BzkACFMFn_4g==
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
image/svg+xml
x-77-nzt-ray
f03d0613cfb757b599b11267cbf43d1d
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 15:31:37 GMT
x-77-nzt
EgwBT3/O6QH3vnUEAAwBuTvfFAG3i+kIAA
cache-control
max-age=25920000, public
via
1.1 100ce1d37f67e6c59753cd4c9c473afc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
292286
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
remediation-tool.js
cdn.userway.org/remediation/2024-10-08-15-28-17/paid/
65 KB
23 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
42c1ddeaf8478b1f54eedb7829ea19fc7ab4490e6efd70247dd1660f73dd1b73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.12up.com
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"0a1e52174fad9eceaf8a9d7d6617173f"
age
391
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
u4vsdH4l5IcIz7dCE5uSBGyeeMgclzicfVgxpuFcB27ZwerJNY0kKQ==
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:45 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061307cbc3cc99b1126786d09e1e
x-77-nzt
EgwBT3/O6QH3vXUEAAwBuTvfFAG3i+kIAA
cache-control
max-age=25920000, public
via
1.1 65cf746d404c73d4aef0b35e7fcab946.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
292285
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
pd
google-bidout-d.openx.net/w/1.0/ Frame CD82
0
0
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
455
content-type
text/html
date
Fri, 18 Oct 2024 19:06:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
stats.bqstreamer.com/
2 B
284 B
Ping
General
Full URL
https://stats.bqstreamer.com/
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/mz-delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.12up.com/

Response headers

access-control-max-age
86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4g3a7neiuPetLQvs8ufgJHNDy7W3ntUpMoyV05q1ujcaP%2BedfvPOTN1bMSIcO3zHVN%2BIIgmXNnqkuUGo6IFiT2KJR2AIxooOPEhsVz9XSDMpD%2FQ13AwGuRqDb8FPKeObKXMq5MA7YIbzXcVvl2VJ4LR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8d4acda10a6c1014-LAX
access-control-allow-origin
*
content-length
2
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
xiyMWJ4uQw9XMwur.json
cdn.userway.org/remediations/consolidated/3505942/
1 MB
0
Fetch
General
Full URL
https://cdn.userway.org/remediations/consolidated/3505942/xiyMWJ4uQw9XMwur.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f121cd64be0220a99970f8822704db033385f36c7cfae93bbee1c28ad64e8df0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"ec7c1228f047a108642c2b16eb3d95d4"
age
352
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
OKxPHX7XL-mIRky4QPgadyj-MhRKTH_hOETZoY-9Hf8ljN-uMOP6rA==
date
Fri, 18 Oct 2024 19:06:01 GMT
content-type
application/json
last-modified
Fri, 18 Oct 2024 18:33:50 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061307cbc3cc99b112675a275912
x-77-nzt
EggBT3/O6QFBDAGckjvfAbfDBQAA
cache-control
public, max-age=31536000
via
1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
1475
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202410100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js?cb=31088242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
c24ceb797dacfd5cb8ffd470280cbd64681ccdb7a74647111dc0837e2e8a0c3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12872
date
Fri, 18 Oct 2024 19:06:02 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ip_match
ids.ad.gt/api/v1/
0
191 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-length
0
date
Fri, 18 Oct 2024 19:06:02 GMT
content-type
text/html; charset=utf-8
server
nginx/1.27.1
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729278360-DM1T0PRL-WK97&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&rub=M2F3OQQT-E-FSNO&gdpr=0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&rub=M2F3OQQT-E-FSNO&gdpr=0
Protocol
H2
Server
44.239.104.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-104-45.us-west-2.compute.amazonaws.com
Software
nginx/1.27.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache
content-length
43
date
Fri, 18 Oct 2024 19:06:02 GMT
content-type
image/gif
server
nginx/1.27.1

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729278360-DM1T0PRL-WK97&rub=M2F3OQQT-E-FSNO&gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
91c229169a155ea648dbc4d59ef8a3c5
Pragma
no-cache
content-length
0
ebfa23da174faa55634171c5e49d0152.gif
sync.colossusssp.com/
0
202 B
Image
General
Full URL
https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001729278360-DM1T0PRL-WK97&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001729278360-DM1T0PRL-WK97
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.108 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Date
Fri, 18 Oct 2024 19:06:02 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
0
sync.1rx.io/usersync/audigent/
0
98 B
Image
General
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001729278360-DM1T0PRL-WK97%26unruly_id%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Fri, 18 Oct 2024 19:06:07 GMT
pragma
no-cache
12up-favicon.png
images2.minutemediacdn.com/image/upload/c_fill,w_1440,ar_1:1,f_auto,q_auto,g_auto/frontier/favicons/
15 KB
15 KB
Other
General
Full URL
https://images2.minutemediacdn.com/image/upload/c_fill,w_1440,ar_1:1,f_auto,q_auto,g_auto/frontier/favicons/12up-favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:7200:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
30caacff9f7f2ae34525318fcc8cbe42a56ac9a9ac503a29733048baf2cae8f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

etag
"14ab78afe5640a87e555bdee970325cd"
surrogate-reporting
width=1440,height=1440,owidth=480,oheight=480,obytes=7289
age
5015691
x-cache
Hit from cloudfront
x-amz-cf-id
oPNR8GcFw7JWfaPBT73f369jOimzSWWMZiuUm9fW6ujECSFI0K2P6Q==
date
Wed, 21 Aug 2024 17:51:11 GMT
content-type
image/webp
x-served-by
cache-lga21946-LGA
x-cache-hits
0
content-disposition
inline; filename="12up-favicon.webp"
access-control-allow-headers
X-Requested-With
last-modified
Tue, 12 Apr 2022 09:12:52 GMT
cache-control
private, max-age=31560000
timing-allow-origin
*
x-timer
S1724262671.456660,VS0,VE102
via
1.1 7f211c0cbc2233e773b715bc4f4a435c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
14886
x-amz-cf-pop
JFK50-P2
server
CloudFront
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Sat, 19 Oct 2024 19:06:02 GMT
access-control-allow-origin
*
date
Fri, 18 Oct 2024 19:06:02 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
nav_menu_helper_1728401297040.js
cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/
23 KB
7 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/nav_menu_helper_1728401297040.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.12up.com
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"d5babf1f477d0f7bf4044b0693b956d9"
age
391
x-77-cache
HIT
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
x-amz-cf-id
Jk5PMs1upqDQ7Vcn7X7TMi8-TR8hatbJG3KjbIbTC9zX-r3ALKhzZA==
date
Fri, 18 Oct 2024 19:06:02 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 15:31:35 GMT
vary
Accept-Encoding
x-77-nzt-ray
f03d061307cbc3cc9ab11267242cbe1e
x-77-nzt
EgwBT3/O6QH3u3UEAAwBuTvfFAG3jekIAA
cache-control
max-age=25920000, public
via
1.1 f6acfb143216fabf7be9b3a603a486ae.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-77-age
292283
x-amz-cf-pop
JFK50-P7
server
CDN77-Turbo
x-amz-server-side-encryption
AES256
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 18 Oct 2024 19:06:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:06:03 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
syncframe
gum.criteo.com/ Frame A042
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.12up.com&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 19:06:02 GMT
server
Kestrel
server-processing-duration-in-ticks
1092227
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
0
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Sat, 19 Oct 2024 19:06:02 GMT
access-control-allow-origin
*
date
Fri, 18 Oct 2024 19:06:02 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
ats.js
ats-wrapper.privacymanager.io/ats-modules/c77a7cdd-fb29-4ac0-bc41-84011afce9b3/
186 KB
61 KB
Script
General
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/c77a7cdd-fb29-4ac0-bc41-84011afce9b3/ats.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.91.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-91-104.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30de3246206b38b390d4d119eb5377bbae3a5110606d11e4a4e60ca4881884cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

vary
Accept-Encoding
cache-control
must-revalidate,public,max-age=3600
content-encoding
gzip
x-amz-version-id
._rYFdFPum1CJzYnmF0MGDx1OkmFaaiR
etag
W/"2c9f87c24b729cf79e18c4d6c27c488b"
age
655
via
1.1 e90cf336d9fb5e5789ae3c5966f7fbfe.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
qvZrLZqYGQ53y2sxW-1qnB2D1an4cACF8wPY1m1sWYuG45JkhG4kMQ==
date
Fri, 18 Oct 2024 18:55:09 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 21:11:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P9
x-amz-server-side-encryption
AES256
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 1627
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 18:27:21 GMT
expires
Fri, 18 Oct 2024 19:17:21 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B1AA
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/88548f72-daef-4151-a115-1c124613fd1e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-89iw2mo9W5maVG_TMMDk3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-89iw2mo9W5maVG_TMMDk3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Oct 2024 19:06:03 GMT
expires
Fri, 18 Oct 2024 19:06:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
alts.json
cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505942/I1n1sSFNl1A04DxR/ Frame
0
0
Preflight
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505942/I1n1sSFNl1A04DxR/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_3386%2Ch_1904%2Cx_0%2Cy_0%2Fc_fill%2Cw_720%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01jafzjjz0z9zsy11mkf.jpg%22%2C%22alt%22%3A%22Dallas%20Cowboys%20v%20New%20York%20Giants%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_4457%2Ch_2507%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j9rwcame2rca5ab888.jpg%22%2C%22alt%22%3A%22Buffalo%20Bills%20v%20Houston%20Texans%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_4676%2Ch_2630%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j975hx851bjn6hv6eh.jpg%22%2C%22alt%22%3A%22Carolina%20Panthers%20v%20Las%20Vegas%20Raiders%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_5463%2Ch_3072%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j9m3h9ysq14rfwctea.jpg%22%2C%22alt%22%3A%22Dallas%20Cowboys%20v%20Pittsburgh%20Steelers%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_6515%2Ch_3664%2Cx_0%2Cy_43%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j9pr3q06rnrdffsy14.jpg%22%2C%22alt%22%3A%22Denver%20Broncos%20v%20New%20York%20Jets%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.12up.com%2F%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.12up.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
max-age=604800
date
Fri, 18 Oct 2024 19:06:04 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
EggBT3/O6QAACAG5O98UAAA
x-77-nzt-ray
f03d0613b0d845c39bb11267bd79623a
x-77-pop
newyorkUSNY
x-service-version
img-dscr-srv-a922622f
alts.json
cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505942/I1n1sSFNl1A04DxR/
2 KB
913 B
Fetch
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/p0xG3SZhEr/3505942/I1n1sSFNl1A04DxR/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_3386%2Ch_1904%2Cx_0%2Cy_0%2Fc_fill%2Cw_720%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01jafzjjz0z9zsy11mkf.jpg%22%2C%22alt%22%3A%22Dallas%20Cowboys%20v%20New%20York%20Giants%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_4457%2Ch_2507%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j9rwcame2rca5ab888.jpg%22%2C%22alt%22%3A%22Buffalo%20Bills%20v%20Houston%20Texans%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_4676%2Ch_2630%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j975hx851bjn6hv6eh.jpg%22%2C%22alt%22%3A%22Carolina%20Panthers%20v%20Las%20Vegas%20Raiders%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_5463%2Ch_3072%2Cx_0%2Cy_0%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j9m3h9ysq14rfwctea.jpg%22%2C%22alt%22%3A%22Dallas%20Cowboys%20v%20Pittsburgh%20Steelers%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fimages2.minutemediacdn.com%2Fimage%2Fupload%2Fc_crop%2Cw_6515%2Ch_3664%2Cx_0%2Cy_43%2Fc_fill%2Cw_360%2Car_16%3A9%2Cf_auto%2Cq_auto%2Cg_auto%2Fimages%252FGettyImages%252Fmmsport%252F12up_en_international_web%252F01j9pr3q06rnrdffsy14.jpg%22%2C%22alt%22%3A%22Denver%20Broncos%20v%20New%20York%20Jets%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.12up.com%2F%22%7D
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::54 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1635fe069344f247f0e45d35a4da413e68c15fdce556b74e20d7d72672979196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
content-encoding
gzip
etag
W/"6a5-f88ksHmcYjd3HhfuhZGOj8BJBko"
x-77-cache
MISS
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
date
Fri, 18 Oct 2024 19:06:04 GMT
content-type
application/json; charset=utf-8
x-77-nzt-ray
f03d0613b0d845c39cb112678bc1960c
vary
Accept-Encoding
access-control-allow-headers
*
x-77-nzt
EggBT3/O6QFBCAG5O98UAQE
cache-control
max-age=604800
access-control-allow-origin
*
x-77-pop
newyorkUSNY
x-service-version
img-dscr-srv-a922622f
server
CDN77-Turbo
/
geo.privacymanager.io/
30 B
626 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/c77a7cdd-fb29-4ac0-bc41-84011afce9b3/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
df790197e64683df0e6a96ff423dc23bd96010b5aa6bee119c148b70f6dc33ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

x-amz-apigw-id
f2YFtFP6DoEEQ0w=
age
17476
x-amzn-trace-id
Root=1-67126d57-7472b8a404b2b3a53637c536;Parent=33fd197646cd501e;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
f7d2c7f4-8036-4e25-84de-114eca4ded9c
via
1.1 1ffcb4016d0c1224c9505d74a866e6a8.cloudfront.net (CloudFront), 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
30
x-amz-cf-id
-NQ7biJbP6TbQFlLF5AyV_0yJrcuSmC2KtFBctHZYLlh_vSmZTQ2pg==
date
Fri, 18 Oct 2024 14:14:47 GMT
content-type
application/json
x-amz-cf-pop
IAD61-P2, EWR53-P1
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
3505942
api.userway.org/api/br-links/v0/contribute/
51 B
429 B
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/contribute/3505942
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:5692:bcde:179:4a32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
etag
W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
51
date
Fri, 18 Oct 2024 19:06:04 GMT
content-type
application/json; charset=utf-8
x-service-version
apps-5b4b97f5
vary
Accept-Encoding
access-control-allow-headers
*
3505942
api.userway.org/api/br-links/v0/links/
234 B
601 B
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/links/3505942
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:5692:bcde:179:4a32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5556fa028def01c7725448835b49427810e1aceb7e0deae70f260ffc6ce7109

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=300, public
etag
W/"ea-5Tg3kRqkXPZQJmNiHkkgndrx0uY"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
234
date
Fri, 18 Oct 2024 19:06:04 GMT
content-type
application/json; charset=utf-8
x-service-version
apps-5b4b97f5
vary
Accept-Encoding
access-control-allow-headers
*
sodar
ep1.adtrafficquality.google/pagead/
0
0

async_usersync.html
acdn.adnxs.com/dmp/ Frame 4BF5
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28645
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 18 Oct 2024 19:06:05 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3183213, 31728
X-Served-By
cache-lga21993-LGA, cache-lax-kwhp1940086-LAX
X-Timer
S1729278366.810402,VS0,VE0
isync
visitor.omnitagjs.com/visitor/ Frame 9336
0
0
Document
General
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: cdn.mmctsvc.com
URL: https://cdn.mmctsvc.com/commercial-api/prebid8.52.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.12up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1858
content-type
text/html; charset=UTF-8
date
Fri, 18 Oct 2024 19:06:05 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.12up.com%2F/DESKTOP/WIDGET_ON/
77 B
454 B
Fetch
General
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.12up.com%2F/DESKTOP/WIDGET_ON/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb22:5692:bcde:179:4a32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
content-length
77
date
Fri, 18 Oct 2024 19:06:06 GMT
content-type
application/json; charset=utf-8
x-service-version
seo-w-eb3c4543
vary
Accept-Encoding
access-control-allow-headers
*
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QNYDBQ002V&gtm=45je4ah0v887183436z872382166za200zb72382166&_p=1729278358243&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101686685&cid=348420887.1729278360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dl=https%3A%2F%2Fwww.12up.com%2F&dt=24%2F7%20Sports%20News%2C%20Opinions%20and%20Videos&dr=&sid=1729278359&sct=1&seg=0&en=Scroll%2025%25&ep.sample_rate=100&ep.page_language=en&ep.page_type=HomePage&ep.distribution_channels=none%2C&ep.anonimized=false&ep.traffic_source_to_dfp=Direct&ep.traffic_id_to_dfp=&ep.affiliate_id_hit=&ep.is_article_infinite_scroll_page=false&epn.number_of_article_on_page=1&ep.player_ownership=O%26O&ep.experiment_version_hit=&ep.maxmind_geo_detected_hit=US&epn.unique_event_id_hit=159&ep.post_fs_site_id=12up_en_international_web&ep.post_vertical=unknown&ep.anonymizeIp=true&ep.cookieFlags=samesite%3Dnone%3Bsecure&ep.platform=desktop&ep.article_template=none&ep.is_slideshow=false&ep.finite_scroll_data_exists=false&ep.mm_user_identifier=XX8tL2Z5XfK1nOJg&ep.userid_hit=XX8tL2Z5XfK1nOJg&ep.GTM_event_trigger=gtm.scrollDepth&ep.property=12up_en_international_web&ep.mmSessionID=Xx6byffcrphuI4DK&ep.mmUserID=XX8tL2Z5XfK1nOJg&ep.custom_timestamp=2024-10-18T19%3A06%3A02.344Z&ep.state=none&ep.GTM_container_name=Minute%20Media&ep.event_category=Scroll&epn.event_label=25&_et=2719&tfd=11445
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QNYDBQ002V&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.238 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.12up.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.12up.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 19:06:07 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410100101&jk=699439471406442&bg=!e3ileDfNAAaUWUsktFk7ADQBe5WfOCGfjPjEHCBqNfNf2OkctpHkvZvH5Q84Eh1LBspMMQkYRviR1dJtaW_0MbGUPDFWAgAAAEZSAAAABWgBB34ANhtDGNJKNvXnK1kGYSpAQQPa4hxjHdTLyRHmcTcLhdQaAqY4o4ompXCirBBRgQiVSixtBwtXGZkCkwWYCf0A-TdtkaMnaWwR1djsM09_CMkycy6q2Tw6d8ufRrZSvVXNR0t00az6WzClD6T10oM-8EMWAZYqsrIV1szBNwmbpRIBADiEMzU7emBGsVAMPmkyPfcduDZuwVMih5HR78wafipaDwOTzU8TaIoTW8enUGhHGcV9gKsBvAQwTLvsMgNGRDylHg3flQmaBxZYK85xLGLNOeqx5Fmhz7M1fZeaWfMK9HugYOLhCkADPlAgFj9SvjVEAUZVZ6Oikfiybf1HpOCGaZo0_RelblO75iG6bPfpIAoz8ulOdKwXhD9Y10Rj-K8xzv5eaeh5tFNy0AWaCmPqmsKlnRtTMPHR_YOShGCc2Eyuykh9YVxuO1WoaLwpeW3vEphRKg1ID4Ntfo2JgMieqAXr8uhSeTynq92C2L9DC3s1aHMGjJP64W0g5No8A_DwVcGwnmf-RTgC_9CELI95YE87nZDxT3pBmKKcbtaEUx2kC6aAJfHUpsKdibs5XH6TgLcWau_PNnsglXL4q30dmezE65ux168KuDbZ-l6tYEkedYdSb715KOP78RowvrR_moWNhcOwmhxRUUdNaWMybvubDb3tGpIl3GDy4dirVXxH6pWaZfYC-9rI7Gj7BJfBqmEAXGSjRnHZr6nKRQC6zaj-9qiKTevmpTnoFEKffIYPGzUTrsaPmAiuYG36RFG-pGUC1yIxh6we3IaXdEB9bD2SvYmsqZkl9C2DypokOk_NMY987GoMJc6u7r5oaam2iaOgrSlB27WOml_JkimsRC-8t81v1uC5jf6PQ-794LkqXBRlSMrvHOuGp9WyVq0MHIpYweK6D5nvllu_rloKgnis3GYjtghlUMJAh13Q7B5X3ISsRP0qdgvk

Verdicts & Comments Add Verdict or Comment

409 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| webVitals string| cc string| id object| didomiConfig function| __tcfapi object| didomiEventListeners function| __uspapi object| dataLayer object| mmClientApi object| placeholders object| grumi object| __RENDERED_CLASS_NAMES__ object| __PRELOADED_STATE__ function| createUserIdentifier function| createAffiliateValue object| apstag object| mmPrebid object| googletag object| __tcfapiBuffer object| win object| doc object| mmPrebidChunk object| _pbjsGlobals object| regeneratorRuntime object| didomiRemoteConfig string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| device object| __mmClientApiSubscriptions__ object| webpackChunkDidomi object| Didomi object| didomiOnReady object| google_tag_manager function| postscribe object| google_tag_manager_external object| mmPageData function| fbq function| _fbq object| s1 function| mmTrackError function| mmGetDefaultData function| mmTrackEvent function| validateElementType object| params string| country string| platform string| clientID string| distributionChannels string| mmSessionId string| mmUserId function| onAdImpressionReports function| trackPlayerEmbed function| registerToEventsPlayer object| DidomiSanitizing object| didomiState object| lotame_sync_16576 function| ha object| cnvr_launcher_options object| google_reactive_ads_global_state object| gaGlobal object| hadron boolean| __halo_loaded__ object| UserWayWidgetApp object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| Criteo object| PublisherCommonId object| conversant object| au object| auvars function| __assign function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __rest object| messageStream object| _userway_config boolean| _userway function| docReady object| autag string| GoogleAnalyticsObject function| ga object| audDataLayer function| audGtag object| google_tag_topics_state number| google_unique_id string| slotElement object| publink_options object| gaplugins object| gaData function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 object| au_seg object| coreid object| pbjs object| ox_esp object| _33across object| UserWay object| __id5_finalization_registry object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo_identitytag_159 object| __uid2SecureSignalProvider object| __uid2 function| __awaiter function| __generator function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| runMenuRemediationScript object| GoogleGcLKhOms object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats boolean| envelopeModuleReady object| google_image_requests

60 Cookies

Domain/Path Name / Value
www.12up.com/ Name: cityCode
Value: NA
www.12up.com/ Name: stateCode
Value: CA
www.12up.com/ Name: countryCode
Value: US
www.12up.com/ Name: mm-session-id
Value: Xx6byffcrphuI4DK
www.12up.com/ Name: mm-user-id
Value: XX8tL2Z5XfK1nOJg
www.12up.com/ Name: mm-session-interval
Value: 83
www.12up.com/ Name: mm-user-interval
Value: 51
www.12up.com/ Name: mm-referrer
Value: noreferrer
www.12up.com/ Name: mmSession
Value: cbadeb11-3c97-4535-81a1-6f25afebc002
www.12up.com/ Name: mmPageNum
Value: 1
www.12up.com/ Name: mmVariationId
Value: 01hv3p2gmqg1m0rdgq
.12up.com/ Name: _fbp
Value: fb.1.1729278360004.275128335197394111
.ad.gt/ Name: au_3p_check
Value: 1
.12up.com/ Name: _au_1d
Value: AU1D-0100-001729278360-DM1T0PRL-WK97
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e53a5aa7858c7656bcae552422d4251c
.12up.com/ Name: lotame_domain_check
Value: 12up.com
.12up.com/ Name: _cc_id
Value: e53a5aa7858c7656bcae552422d4251c
.12up.com/ Name: panoramaId_expiry
Value: 1729364760233
.omnitagjs.com/ Name: ayl_visitor
Value: 22d6314cdd86f385b997b76679f5745e
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDID
Value: 3ee03992-b92f-40fb-be85-11316988fb5d
.ad.gt/ Name: au_id
Value: AU1D-0100-001729278360-DM1T0PRL-WK97
.adnxs.com/ Name: XANDR_PANID
Value: 9h3HArhuTjFLRX7U7pOXhFWxoEfDKiiDnpnHssqElfPHak0nHQAtLKPWxK7OLzgDVbJa_5Tdn4KN8WbMCNe_3N5bkjl55LppURPILai-jHo.
.adnxs.com/ Name: uuid2
Value: 6661636663103257195
.tapad.com/ Name: TapAd_TS
Value: 1729278360623
.tapad.com/ Name: TapAd_DID
Value: cb34bcb3-c125-4be6-9642-b4e00a62730f
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.rubiconproject.com/ Name: khaos
Value: M2F3OQQT-E-FSNO
.rubiconproject.com/ Name: khaos_p
Value: M2F3OQQT-E-FSNO
.12up.com/ Name: _ga
Value: GA1.2.348420887.1729278360
.12up.com/ Name: _gid
Value: GA1.2.1862241633.1729278361
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DF4C1C46-AA07-4F00-9C4E-A33A6E4442E7
.criteo.com/ Name: cto_bundle
Value: rM4jMV9VVUlEYWhmdWRaclZLOEdyNElDRXZEcGFjbUZ0aWNDSDJHQzN6Y0RROGpTbXIlMkJ2R0RCUDlRUUVyUWFZdURLQkVvaW5tSmRjTndvZ29FUTliczhaZmY1VSUyQnpqUDJ3NE85NnlzRzBZWWc5djQlM0Q
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.12up.com/ Name: cto_bidid
Value: v2mHeV84cjU4d3d6MkxYbTQlMkZKQ0lDJTJCUzV4WVhMRDNZT0dXdCUyRm1JdTNDQmU4eEExak5vcFUlMkZ4dnhJYk5XSXByeTVqdVJoajdCb21SRVAlMkJYN1RsM1o4Y3R1QlElM0QlM0Q
.id5-sync.com/ Name: id5
Value: 9c4c431e-be51-706c-aae5-727c88d89667#1729278359902#2
.contextweb.com/ Name: V
Value: jwGGBDPmKfvY
.contextweb.com/ Name: VP
Value: part_jwGGBDPmKfvY
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c78072bbc92b451c
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7027
.adnxs.com/ Name: icu
Value: ChgI7OpMEAoYAiACKAIwmePKuAY4AkACSAIQmePKuAYYAQ..
.openx.net/ Name: i
Value: 440ec213-51c1-4307-87c7-129f053dd7ac|1729278361
.12up.com/ Name: __gads
Value: ID=2000f4524f7589c6:T=1729278360:RT=1729278360:S=ALNI_MZAZ_0e_qJPuFptHS-3T3DOmjnz2g
.12up.com/ Name: __gpi
Value: UID=00000a5fdf96a20d:T=1729278360:RT=1729278360:S=ALNI_MZue_T9snyNppTXdSnvixLUVSGHOA
.12up.com/ Name: __eoi
Value: ID=f19fdd1072eb2605:T=1729278360:RT=1729278360:S=AA-AfjYcabH75v8SPbxAkBU6g-iv
.criteo.com/ Name: uid
Value: 55ad4da6-c96a-4bba-a0f2-ea14dcd6de32
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: pd
Value: v2|1729278361|vMgavPkWgy
.yahoo.com/ Name: A3
Value: d=AQABBJqxEmcCEFjMsc3KrcFirmGn3mJFqyoFEgEBAQEDFGccZwAAAAAA_eMAAA&S=AQAAAr6i4qCUwfLcINXIyBIA1L4
.amazon-adsystem.com/ Name: ad-id
Value: AwQzsnJz5U3chlsespKIyXo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.12up.com/ Name: _ga_QNYDBQ002V
Value: GS1.1.1729278359.1.0.1729278362.0.0.0
.rubiconproject.com/ Name: audit_p
Value: 1|JWqwzNN1ujMP924WiSVAbaAg/kf84x/c9zu6piasI9KCZIg+tqclAeLHYXLRqt58GjNOS2a5TDTyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnecfabkNY0PF4ig/nczRIdWe+KCbeqbYoDL9Z7MS+4eVYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.rubiconproject.com/ Name: audit
Value: 1|JWqwzNN1ujMP924WiSVAbaAg/kf84x/c9zu6piasI9KCZIg+tqclAeLHYXLRqt58GjNOS2a5TDTyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnecfabkNY0PF4ig/nczRIdWe+KCbeqbYoDL9Z7MS+4eVYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.12up.com/ Name: cto_bundle
Value: aqDxF19BUXZlJTJGeVJyUEtycWZoTlVJYW5tZ0hJNXlmTEJ1cWdLZWRsVjQ2ZGJ2akxQc2s1ck1TUzZvUVBnVUV4QzZvY2ZwVEFDQ1VsVlVWYjRISVlWYTYzZlBZdyUyQkVFSTdnSzhXQSUyQk1aOEppMURZNGR5a3hFY2dsajU2R09TT0hVTnlJUyUyQndBUHA0TE9pMDJTdmlaajVnYjRhUSUzRCUzRA
www.12up.com/ Name: _lr_geo_location_state
Value: CA
www.12up.com/ Name: _lr_geo_location
Value: US
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjwivyCvuy3PRAFGAEgASgCMgsI7N7m4dTstz0QBTgBWgdrMmozZ3FwYAI.
.aidemsrv.com/ Name: __cf_bm
Value: H6rXC6khe.TOYAf8YNL3obREE7j1LEmSrS8K1QuIymY-1729278366-1.0.1.1-szvhm7xPyFLYfbkEmQZNluEN_p79HMcIBfVKAJjDcoMQY0Qur6pOc.LdmbO.V.Z.UoYqKHQfJ2U2CF4CcwvGnQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12up.com
a.ad.gt
aax.amazon-adsystem.com
ab1ed7f8143955b8e254c8d3ceb9ca41.safeframe.googlesyndication.com
acdn.adnxs.com
api.userway.org
assets.minutemediacdn.com
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.aps.amazon-adsystem.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mmctsvc.com
cdn.prod.uidapi.com
cdn.userway.org
cdn77.api.userway.org
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
config.bqstreamer.com
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
gum.criteo.com
hb-api.omnitagjs.com
i-quiz.12up.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
images2.minutemediacdn.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.ad.gt
p.skimresources.com
pixel.tapad.com
pixels.ad.gt
proc.ad.cpe.dotomi.com
proton.ad.gt
r.skimresources.com
rumcdn.geoedge.be
s.skimresources.com
sdk.privacy-center.org
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
static.criteo.net
stats.bqstreamer.com
sync.1rx.io
sync.colossusssp.com
t.skimresources.com
tags.crwdcntrl.net
token.rubiconproject.com
visitor.omnitagjs.com
www.12up.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
108.138.106.56
108.138.115.149
108.138.128.124
13.249.91.104
13.35.93.23
141.95.33.120
141.95.98.64
142.250.176.194
142.250.65.226
142.250.65.238
142.250.80.99
142.250.81.232
142.251.35.164
142.251.40.194
15.197.193.217
151.101.1.91
151.101.129.108
157.240.241.1
172.240.155.108
172.64.152.89
18.164.108.113
18.164.116.85
18.164.96.40
18.238.80.48
195.244.31.11
23.203.179.38
2600:1f14:5db:eb22:5692:bcde:179:4a32
2600:9000:23ca:7200:14:3f07:afc0:93a1
2600:9000:2510:aa00:f:8f3b:1200:93a1
2600:9000:2510:ac00:5:b7cc:d3c0:93a1
2600:9000:2511:5000:a:e047:754:afe1
2600:9000:2511:bc00:4:b37b:9440:93a1
2600:9000:2514:6600:18:ed96:9000:93a1
2600:9000:261f:d200:19:4ac0:c3c0:93a1
2600:9000:2807:e600:10:8a57:ed40:93a1
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:266a
2606:4700:20::681a:367
2606:4700:20::ac43:4728
2606:ae80:1451:20::1780
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81e::200e
2620:100:a00b::12
2620:100:a00b::30
2620:100:a00b::4
2a02:6ea0:c400::54
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::485
3.229.119.146
34.102.146.192
34.111.113.62
34.120.107.143
35.190.59.101
35.190.91.160
35.201.67.47
35.244.159.8
44.239.104.45
44.241.188.24
52.85.61.61
68.67.179.164
69.173.146.5
69.194.240.13
74.119.117.17
74.214.194.131
8.28.7.83
02f259d7df7cf810f7571ba6fe76416f24e1f2b3467511636975413512f749ec
03408ce36df45dba425df4b384a0a9b607883f09744037118aedfa0868869791
04a11f63a307b6de927633f140e7fe9ac23198fb7c2896353966bca35d81f900
04d19a4933576336de80d6d9817c98c13ff1f98d0d970b9f386e414b9ea0d395
060fbb9a4c445a50a02ad373763796411198f52f04e877c3bb7d1b5a2ae94a6c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db5f4f84aa206f4dd0b4f89ec4adc11d315dff79fb77ef46cbfdfde0297e69c
13b0c99b494f2bedfa14d7682d4a3d6f11bd66f8b9978e4815634370d37fcf7c
15d58130847c9924c48287f0abdb36d6276a65800f5ae76ba71b5e9eed9f324c
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1635fe069344f247f0e45d35a4da413e68c15fdce556b74e20d7d72672979196
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
1864c515cb8d27edeeb06d1c47b0eac409d3611d6d979efb9e38c66c2484e01a
188be32ed1e8c36515e93f73dad7425af719d037b6d0d7f10596ca4b912e595e
19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f
21219dc6148ff4a0ac627b0edbd14caec1e8d225b75d34d8dd9fd16654f155bb
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
276634df2494ff8b95a18c3496e2ee12d0c247a4680e8872edd29ad56c648526
2af998a09e715d8766b8ba01a9b32069d9b5794cf0c520d412f2e1930c5345aa
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
30caacff9f7f2ae34525318fcc8cbe42a56ac9a9ac503a29733048baf2cae8f2
30de3246206b38b390d4d119eb5377bbae3a5110606d11e4a4e60ca4881884cd
32a5c1f550ac3d96904217255db35c7da1270cf727f5827b6d2052dae92a941b
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9
3520ab6871aac9ce5c67a2f3f8e9b5a312f76a79130e52c387a10c5c56b0cbbb
3941f58e8f999233c95dc58a0500eaad4aeb5006b0e7cda21bfee9f569342f38
3cd6aeb0ba37408f48bead1c116588c241f9a734ffc2aaf96a2b84aa20977cbc
3db21afcae9e63b21aefe9806020b94b92fed43dfec55b50849caff7a138c1f9
412134da64d002ac4534b0e5129556dfaf8fd880dde7b26e3b52841ed4ffab53
42c1ddeaf8478b1f54eedb7829ea19fc7ab4490e6efd70247dd1660f73dd1b73
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b338fa9ed7d0c7c63672199d075e6fda7089a9f81ec86e9ee83629973ba7177
4d26354c3a34441bc6d0749595ffd06503539f63afbf97ec1c804fee777b0969
4e42d59449e68b571d4ef54deab04b0b283ef38e4b1b5be91d3bf5f661e1f716
4f3ad877a3940e48ef16f08adecab5fc0e47b3da13d0efac8f02d07d428c8f8a
53f4bc0f602c941f5ae8fb2164ddee6f83983c9004aac2fcc872f83499268666
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
638f7ab715bb0b6ab0a41612423fe0bf7dedc65ba83ded228b76f8187dfaa02b
6598525fb7f424f533cc1e037c324825db29436400b47e15b4272a58857eec33
6641befd5f63e978bd52db55063ff9535f3c2aac8df8b6b5cc19ccbfba1a7efd
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
69a04d963ab81b5e0664d7573c020eb76d19d3c9c99ac883b31407f913bccdbd
6b366b7b90a12c3c82ff55e42e8a02a5267c7a8bf57a4a6812c81a88ed8aecca
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
783cdac7c78da290d95cb9df2bbc75504528d7f73d506c1f7af8aa795a839448
8008e9121fdff4d41dcb8361bba9084c222bbdde77abe599f5ac61c8b4e68456
80650aafb18ccffe3b53515506496cf247df579a0d1a39e1ca6f0137eeb68e5b
8143adc8493aa5b324a245e633fb242a4632d14967c252f080b6215b33e14e9d
815c6e7ae2d7690a4a286267010e7f5f9db08c536967b5954a84f16fede27b09
82eb7a6137dc9f08032d69704dca80785b661b17bce5f2e335a40db19ca391ed
8570c24c068626bb6adec27a0dcc06c13fcd747fa78225c16f76166e868a0843
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9b230d258ebe3e853a47335ae45b8093ade40427b833ccf20702badab80b1c2e
9b510244bed7026cfc78521c96e962a2e8b177cffba101f128451ffedbb78a16
9f347fcf1830964ef689cd561b92a8c3644507abe2731a00c40c3e4fdfbd5d1b
a15e071c7f0f3eea048c4da8bcf65f263c5a27cd2ec15b415d29ae6eb367bea7
a2c699b8dad2cde8aa217c1a8f54492504bc0c2a9dbd091d4da1abe47710685e
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a45d19ccddd46756c70371821d1a74b627fe0628021c8c9a851d821fbbe1f09c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a82d87f8daf32c8ed879ffacb97ad32adbd563e9f63356c8a62f5ccc29ad33a3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad3f3e9859b6955140575f1ecc09452b9157134817f942bb5c35b489e66af261
ae33c40aa889646f2c2b3383d8be2cb2a29f4c84e27cc856536bf576dcd82f33
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b089cfcd4c5a86666fd5dff409063900fc5561279cd9210939540536ac859290
b0cd4de1fcf441a55e51ccc5a02625de4a5b83fd474a04d038e50ab3906cbcd2
b29a15fb002504a605694c95d51fdd0fc45a10bbc0218a507e60a51657adef29
b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc
b7f0fc303cfb4498c6f2cf45a099fdd35bd7d53e7157a19c447311839e7cc35e
b990e335530a1a5bc6fe095fb170a9809f379d0448c20204614e9ad7cde443f1
ba570e8b52c53393e2a4bdae99ff51c5dc10a749cea9b2f248731417582cc163
bf21b39e6f44f41ef2844c94b4fe36999b0a19f430fbbc37676a8508c478e80c
c24ceb797dacfd5cb8ffd470280cbd64681ccdb7a74647111dc0837e2e8a0c3f
c3a0510bac02b32e86bb555bd3a1207bd60d99a59aec33e4d96a4074babcc3a5
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c5556fa028def01c7725448835b49427810e1aceb7e0deae70f260ffc6ce7109
d15fd404241f93920bfa1548ad3aefdfb119acd347d6679ed5825276a1af33ee
d1c346be6b51c63aaf1fbb984ea31338a0121dba9fa36af3a1cd6cf92d901959
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d43f69b9bd57c2cb6ccf25144b75357de90eef762f802810dfaa80f9a5d10e59
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df790197e64683df0e6a96ff423dc23bd96010b5aa6bee119c148b70f6dc33ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f286a5113e6a94c2ad621e4ffba3f5b598896c744b9781af86782bff104580
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
edb5b549f72c90d41721162403ae16b89e82e854827986b1d942015eb616f303
f11f201fd4dc1d3d6c613f55e673790028bcdb0fd9aada88f006003a2cafbd45
f121cd64be0220a99970f8822704db033385f36c7cfae93bbee1c28ad64e8df0
f243c381950fc23d9e7c6ffbbece434c0aaf034f9dc657daaf66039f5b4a13b5
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215
f9ae744f373460644da5751ebd67442444c82d08e419c6e128e5025c3a0a0f07
fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe66f91eae12efca0ac117ae0505e43f25e81f9da5ad13cd2e563bf7fe1508ee
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99