www.flomarching.com Open in urlscan Pro
151.101.130.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://flomarching.com/
Effective URL:
https://www.flomarching.com/
Submission: On August 14 via manual (August 14th 2021, 12:43:43 am UTC) from US

Summary HTTP 299 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 89 IPs in 10 countries across 75 domains to perform 299 HTTP transactions. The main IP is 151.101.130.114, located in United States and belongs to FASTLY, US. The main domain is www.flomarching.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on June 15th 2021. Valid for: a year.

This is the only time www.flomarching.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
27	151.101.130.114 151.101.130.114	54113 (FASTLY) (FASTLY)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5	52.84.44.170 52.84.44.170	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
18	2600:9000:210... 2600:9000:2104:4a00:6:3e38:9800:21	16509 (AMAZON-02) (AMAZON-02)
7	151.101.194.114 151.101.194.114	54113 (FASTLY) (FASTLY)
3	52.84.45.121 52.84.45.121	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.90 13.224.193.90	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
6	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2	65.9.73.18 65.9.73.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:d400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:b200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	54.88.105.93 54.88.105.93	14618 (AMAZON-AES) (AMAZON-AES)
1	52.19.154.16 52.19.154.16	16509 (AMAZON-02) (AMAZON-02)
4	52.202.228.151 52.202.228.151	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21f... 2600:9000:21f3:3a00:13:c079:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.78.118 65.9.78.118	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:1c00:17:5c81:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	3.126.220.154 3.126.220.154	16509 (AMAZON-02) (AMAZON-02)
2	35.156.78.196 35.156.78.196	16509 (AMAZON-02) (AMAZON-02)
2	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
6	185.64.189.116 185.64.189.116	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 14	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
2	213.19.162.61 213.19.162.61	26667 (RUBICONPR...) (RUBICONPROJECT)
2 16	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 12	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 19	52.208.210.171 52.208.210.171	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:1f18:612... 2600:1f18:612b:4200:3aa:8894:1069:c551	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.195.58.36 18.195.58.36	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10 22	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
5 5	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
2 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
5 10	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 6	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 6	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
2 2	3.123.143.157 3.123.143.157	16509 (AMAZON-02) (AMAZON-02)
1 2	18.233.75.25 18.233.75.25	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1 2	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	54.90.144.255 54.90.144.255	14618 (AMAZON-AES) (AMAZON-AES)
3 4	52.59.115.28 52.59.115.28	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	54.194.211.3 54.194.211.3	16509 (AMAZON-02) (AMAZON-02)
1 1	54.87.192.123 54.87.192.123	14618 (AMAZON-AES) (AMAZON-AES)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
3 3	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	52.205.83.58 52.205.83.58	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	18.157.193.56 18.157.193.56	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	208.100.17.171 208.100.17.171	32748 (STEADFAST) (STEADFAST)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.100 202.241.208.100	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 8	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:b800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.186.42.192 54.186.42.192	16509 (AMAZON-02) (AMAZON-02)
1	52.30.148.233 52.30.148.233	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.41 65.9.73.41	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.23 65.9.73.23	16509 (AMAZON-02) (AMAZON-02)
299	89

1 151.101.2.114 (United States) 1 redirects

ASN54113 (FASTLY, US)

flomarching.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 151.101.130.114 (United States)

ASN54113 (FASTLY, US)

www.flomarching.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siop.flosports.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.84.44.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-44-170.mrs52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2104:4a00:6:3e38:9800:21 (United States)

ASN16509 (AMAZON-02, US)

d2779tscntxxsw.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.194.114 (United States)

ASN54113 (FASTLY, US)

live-api-3.flosports.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siop.flosports.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.45.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-121.mrs52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-90.fra2.r.cloudfront.net

app30.flosports.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.73.18 (United States)

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:b200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.88.105.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-105-93.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.154.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-154-16.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.202.228.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-228-151.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3a00:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.78.118 (United States)

ASN16509 (AMAZON-02, US)

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1c00:17:5c81:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

4788290a-f608-454f-9b84-d62b35cdcd20.redfastlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.220.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-220-154.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.78.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-78-196.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.116 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

ow.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.33.221.53 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.208.210.171 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:3aa:8894:1069:c551 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pbs.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.58.36 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.168 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.98 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.135.227 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.210.112.236 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.248.242.197 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1288:110:c305::8000 (Dublin, Ireland) 4 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.130.91 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.143.157 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-157.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.75.25 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-75-25.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.36 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.90.144.255 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.115.28 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.127 (United States) 3 redirects

ASN23352 (SERVERCENTRAL, US)

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.211.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.192.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.95 (United States) 3 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.83.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-83-58.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.193.56 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-193-56.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.171 (United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.100 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:b800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.42.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.148.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.41 (United States)

ASN16509 (AMAZON-02, US)

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.23 (United States)

ASN16509 (AMAZON-02, US)

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	doubleclick.net 11 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	183 KB
27	flomarching.com 1 redirects flomarching.com www.flomarching.com	710 KB
25	pubmatic.com 1 redirects ads.pubmatic.com hbopenbid.pubmatic.com ow.pubmatic.com image6.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image8.pubmatic.com t.pubmatic.com simage4.pubmatic.com	176 KB
20	googlesyndication.com a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	156 KB
19	gumgum.com 1 redirects rtb.gumgum.com	6 KB
18	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	42 KB
18	cloudfront.net d2779tscntxxsw.cloudfront.net	723 KB
15	rubiconproject.com 4 redirects fastlane.rubiconproject.com eus.rubiconproject.com secure-assets.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	26 KB
14	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	17 KB
14	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	6 KB
12	adsrvr.org 5 redirects js.adsrvr.org match.adsrvr.org insight.adsrvr.org	10 KB
12	google-analytics.com www.google-analytics.com	21 KB
11	amazon-adsystem.com 3 redirects c.amazon-adsystem.com s.amazon-adsystem.com	39 KB
10	yahoo.com 5 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	4 KB
9	flosports.tv siop.flosports.tv live-api-3.flosports.tv app30.flosports.tv	83 KB
7	google.com 1 redirects apis.google.com www.google.com adservice.google.com	23 KB
6	facebook.com www.facebook.com	528 B
6	quantserve.com secure.quantserve.com pixel.quantserve.com	11 KB
5	mathtag.com 5 redirects sync.mathtag.com	3 KB
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
5	stackadapt.com 1 redirects tags.srv.stackadapt.com sync.srv.stackadapt.com	7 KB
5	facebook.net connect.facebook.net	171 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	bidswitch.net 3 redirects x.bidswitch.net	1 KB
4	indexww.com js-sec.indexww.com	4 KB
4	stripe.com js.stripe.com m.stripe.com	66 KB
3	rlcdn.com api.rlcdn.com id.rlcdn.com ats.rlcdn.com	57 KB
3	outbrain.com 3 redirects sync.outbrain.com	1 KB
3	zemanta.com 3 redirects b1sync.zemanta.com	890 B
3	googletagservices.com www.googletagservices.com	102 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	sharethrough.com 1 redirects btlr.sharethrough.com match.sharethrough.com	486 B
3	chartbeat.net ping.chartbeat.net	601 B
2	stripe.network m.stripe.network	20 KB
2	creativecdn.com 2 redirects creativecdn.com	695 B
2	360yield.com 2 redirects ad.360yield.com	616 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	avct.cloud 2 redirects ads.avct.cloud	892 B
2	bing.com c.bing.com	714 B
2	eqads.com 1 redirects um2.eqads.com	564 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	754 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	adform.net 1 redirects c1.adform.net	984 B
2	google.pl adservice.google.pl	975 B
2	tremorhub.com 1 redirects pbs.publishers.tremorhub.com	517 B
2	google.de www.google.de	127 B
2	scorecardresearch.com sb.scorecardresearch.com	2 KB
2	googletagmanager.com www.googletagmanager.com	105 KB
2	googleadservices.com www.googleadservices.com	15 KB
2	googleapis.com ajax.googleapis.com imasdk.googleapis.com	149 KB
1	privacymanager.io geo.privacymanager.io	593 B
1	rfihub.com 1 redirects p.rfihub.com	749 B
1	socdm.com 1 redirects tg.socdm.com	690 B
1	emxdgt.com cs.emxdgt.com
1	33across.com ssc-cms.33across.com
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	318 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	openx.net 1 redirects us-u.openx.net	230 B
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	469 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	379 B
1	turn.com 1 redirects ad.turn.com	425 B
1	2mdn.net s0.2mdn.net	88 KB
1	brand-display.com dmp.brand-display.com	253 B
1	simpli.fi um.simpli.fi	611 B
1	de17a.com d5p.de17a.com	134 B
1	dotomi.com prebid-match.dotomi.com	104 B
1	redfastlabs.com 4788290a-f608-454f-9b84-d62b35cdcd20.redfastlabs.com	72 KB
1	oribi.io cdn.oribi.io	299 B
1	xg4ken.com resources.xg4ken.com	4 KB
1	quantcount.com rules.quantcount.com	4 KB
1	chartbeat.com static.chartbeat.com	14 KB
299	75

	Domain	Requested by
26	www.flomarching.com	www.flomarching.com
19	rtb.gumgum.com	1 redirects ads.pubmatic.com rtb.gumgum.com
18	d2779tscntxxsw.cloudfront.net	www.flomarching.com
15	cm.g.doubleclick.net	10 redirects eb2.3lift.com rtb.gumgum.com www.flomarching.com
14	ib.adnxs.com	3 redirects www.flomarching.com ssum-sec.casalemedia.com acdn.adnxs.com eb2.3lift.com
12	eb2.3lift.com	2 redirects ads.pubmatic.com eb2.3lift.com
12	www.google-analytics.com	siop.flosports.tv www.google-analytics.com www.flomarching.com www.googletagmanager.com
10	pagead2.googlesyndication.com	a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.flomarching.com
10	match.adsrvr.org	5 redirects ssum-sec.casalemedia.com eb2.3lift.com www.flomarching.com
9	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com um2.eqads.com
8	tpc.googlesyndication.com	a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.flomarching.com securepubads.g.doubleclick.net www.googletagservices.com
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com eb2.3lift.com
6	pr-bh.ybp.yahoo.com	4 redirects ads.pubmatic.com ssum-sec.casalemedia.com
6	ow.pubmatic.com	www.flomarching.com rtb.gumgum.com
6	www.facebook.com	www.flomarching.com
6	siop.flosports.tv	www.flomarching.com
5	pixel.rubiconproject.com	www.flomarching.com eus.rubiconproject.com
5	sync.mathtag.com	5 redirects
5	pixel.quantserve.com	www.flomarching.com
5	connect.facebook.net	www.flomarching.com connect.facebook.net siop.flosports.tv
5	c.amazon-adsystem.com	www.flomarching.com
4	sync-tm.everesttech.net	4 redirects
4	x.bidswitch.net	3 redirects ssum-sec.casalemedia.com
4	eus.rubiconproject.com	ads.pubmatic.com rtb.gumgum.com eus.rubiconproject.com
4	js-sec.indexww.com	ads.pubmatic.com ssum-sec.casalemedia.com
4	www.google.com	1 redirects www.flomarching.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	tags.srv.stackadapt.com	www.flomarching.com tags.srv.stackadapt.com
4	ads.pubmatic.com	www.flomarching.com ads.pubmatic.com rtb.gumgum.com
3	token.rubiconproject.com	3 redirects
3	sync.outbrain.com	3 redirects
3	b1sync.zemanta.com	3 redirects
3	www.googletagservices.com	securepubads.g.doubleclick.net a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
3	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	image2.pubmatic.com	ads.pubmatic.com
3	pixel.onaudience.com	3 redirects
3	googleads.g.doubleclick.net	1 redirects a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com www.flomarching.com
3	ping.chartbeat.net	www.flomarching.com
3	js.stripe.com	www.flomarching.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	t.pubmatic.com	www.flomarching.com
2	creativecdn.com	2 redirects
2	ad.360yield.com	2 redirects
2	sync.1rx.io	2 redirects
2	ads.avct.cloud	2 redirects
2	c.bing.com	eb2.3lift.com
2	ups.analytics.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	secure.adnxs.com	1 redirects ssum-sec.casalemedia.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com rtb.gumgum.com
2	c1.adform.net	1 redirects ads.pubmatic.com
2	a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.pl	securepubads.g.doubleclick.net
2	pbs.publishers.tremorhub.com	1 redirects www.flomarching.com
2	acdn.adnxs.com	ads.pubmatic.com
2	fastlane.rubiconproject.com	www.flomarching.com
2	htlb.casalemedia.com	www.flomarching.com
2	c2shb.ssp.yahoo.com	www.flomarching.com
2	tlx.3lift.com	www.flomarching.com
2	btlr.sharethrough.com	www.flomarching.com
2	hbopenbid.pubmatic.com	www.flomarching.com
2	mug.criteo.com	www.flomarching.com
2	gum.criteo.com	1 redirects
2	www.google.de	www.flomarching.com
2	sb.scorecardresearch.com	siop.flosports.tv www.flomarching.com
2	www.googletagmanager.com	siop.flosports.tv www.googletagmanager.com
2	www.googleadservices.com	siop.flosports.tv www.googleadservices.com
2	live-api-3.flosports.tv	www.flomarching.com
1	geo.privacymanager.io	www.flomarching.com
1	ats.rlcdn.com	ads.pubmatic.com
1	insight.adsrvr.org	js.adsrvr.org
1	m.stripe.com	m.stripe.network
1	id.rlcdn.com	www.flomarching.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	api.rlcdn.com	www.flomarching.com
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	rtb.gumgum.com
1	ssc-cms.33across.com	rtb.gumgum.com
1	secure-assets.rubiconproject.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	us-u.openx.net	1 redirects
1	image8.pubmatic.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	ad.turn.com	1 redirects
1	s0.2mdn.net	a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	d5p.de17a.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	prebid-match.dotomi.com	www.flomarching.com
1	match.sharethrough.com	1 redirects
1	stats.g.doubleclick.net	www.flomarching.com
1	4788290a-f608-454f-9b84-d62b35cdcd20.redfastlabs.com	www.googletagmanager.com
1	js.adsrvr.org	www.flomarching.com
1	cdn.oribi.io	www.flomarching.com
1	resources.xg4ken.com	www.flomarching.com
1	rules.quantcount.com	secure.quantserve.com
1	static.chartbeat.com	siop.flosports.tv
1	secure.quantserve.com	siop.flosports.tv
1	app30.flosports.tv	www.flomarching.com
1	imasdk.googleapis.com	www.flomarching.com
1	apis.google.com	www.flomarching.com
1	ajax.googleapis.com	www.flomarching.com
1	flomarching.com	1 redirects
299	119

This site contains links to these domains. Also see Links.

Domain
www.flosports.tv
support.flosports.tv

Subject Issuer	Validity	Valid
flolive.tv GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-15` - `2022-07-17`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.flosports.tv Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2020-09-14` - `2021-10-16`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2020-12-09` - `2022-01-07`	a year	crt.sh
oribi.io Amazon	`2021-06-18` - `2022-07-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.redfastlabs.com Amazon	`2020-11-08` - `2021-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-10` - `2022-02-02`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.google.pl GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.privacymanager.io Amazon	`2020-10-24` - `2021-11-23`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://www.flomarching.com/
Frame ID: 7578F2D8CAFE947C02E8E5FE22583BE6
Requests: 155 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7C13DFCF1501018783D2B5972CA7E2DC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 36336B83C2478376651A6519B83E28EE
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EF474452878C2F6CD3F5321D654E4EAC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8130929B34F5609C5187A72A9BF89296
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2D931DB7F1E4C448677142B9B4A7200C
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Frame ID: C076238DF74EE196720B65FB9EA4B8BB
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D660D7E7F2302A4B1992E72FEBF5E823
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 295CC6B4E6180D88C3AF0BBE5D3916E0
Requests: 11 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: D63AA5EB7CC19A98B69DDE5B8371ACB2
Requests: 16 HTTP requests in this frame

Frame: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B01F60F56AAEAD1142ED469F0473DEE7
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CC7C6877-2A73-4B10-A400-04B134E1BA52
Frame ID: 4970ECC8CF3F65F2F75025FFCE4274C9
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 75C164629F2BFA7399A780EAFCBCA848
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 451D64F3C6A52B38113F436639BE0F17
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6D73E773D6D77A68B330143912A5897C
Requests: 9 HTTP requests in this frame

Frame: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 450D6A0CC87733C4E4EEA5798A2C05DB
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2D7B28859C33E6A85C19B0FE4C165E63
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 89D4037FDAC912566D516976697BBA92
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQ9ePxARia6NyvATAB&v=APEucNXDUKkmrJEVjY01_ih8XyV0WQvw_FSRyAl9QHHGflCtga7bxavcFIUv74aEBeymku5mIWoU5_yaYo7zpeXjbW18_cgqSw
Frame ID: FA7124FE7F2C62010F6EDB34E9DA5766
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EE3D1652EDF3162B1DC1E8B6BAF8D77
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrjavmwxWjc8sMAvY9Zim_4LDsX2JBhJan0KH6m6wSMddvP_srGRqordbXK8W3oaJewVlAA8yXrTKDtt3BDby6koQo3aP5jn11JYaB0kNr1tpzXSUfcxyBa9dbOMtxehDhpQ1v7Oy9FwRUGE1v8vNY575RZa-9KmpszGYBpVTFBWOxXbvcY0QM_-7Fu_RVZme8jQIFsOpvMdpYh4Dw6fAnidEypkv6dKJCAzlXHis7IpqO3TnKsVlFaMuQkRAjmd5w1-RyYmoFKFr-pP8Ifr9KZ5ZziuWw5xIDO-vUZsNFHwBFNFO1hrHwidxHYoi2gutIWc35lZnvwM0dIZMbh7sO4wEI&sig=Cg0ArKJSzCDHS3NavCftEAE&adurl=
Frame ID: 257570271FDEF0972C73A23DAE5B0BFB
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 855C5186B4082B5325BED7C10F5B0105
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=b35d41fb-cdbb-462e-bed1-2d379e31cbab&t=1631493797
Frame ID: DD3372E0A644909AF29499FE4B251DB6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5406B578535AD0686F99F2E3B8D51A60
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=0&gdpr_consent=
Frame ID: FABF731526DFA4431FA3C50C4DDF656D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YRcRqAADwN88bwA4&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4
Frame ID: 5FC507C94BDB7C66131994DF0A66F660
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jNzlhMDlkNi0yYmUwLTQ4MzYtOTVkZC05ODkyZmM4NWIyZmM=&gdpr=0&gdpr_consent=
Frame ID: FF8A02F9564830021AF0AAA1DCEB30BB
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: DCF84F8D3CB08E67ECD071924B5FEA41
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: DCB5CEF572FFEA865A539F286B0B0966
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YRcRp8Co5tAAAM7PGD4AAAAA
Frame ID: 61C209948FD21BA186579E3D4E3F6911
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827873217128555
Frame ID: 723E1DC52E7F3B101A6413C1B5F682C7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=bHF1b5xmklFSoHn9LAbo&pi=gumgum&tc=1
Frame ID: A59767EC358EF39AEDA4917E1432E025
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
Frame ID: 2A456118E261438512B3962A4D2B4FB3
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A4ABB912CD421011C24719C7AD5758A4
Requests: 3 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ea5b4ws&ref=https%3A%2F%2Fwww.flomarching.com%2F&upid=uv8d36q&upv=1.1.3
Frame ID: C54AB09550A20A476DA579A8C5256A50
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E3B83A712B8006B1AD4869EE0736A46E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B4820A48BDE70AD3A04B5D284DEAFA6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://flomarching.com/ HTTP 301
https://www.flomarching.com/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/[^/]*\.pubmatic\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

299
Requests

100 %
HTTPS

29 %
IPv6

75
Domains

119
Subdomains

89
IPs

10
Countries

3107 kB
Transfer

8368 kB
Size

54
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.flosports.tv/work-with-us
Title: Careers

Search URL Search Domain Scan URL

URL: https://support.flosports.tv/s/
Title: Contact

Search URL Search Domain Scan URL

URL: http://www.flosports.tv/
Title: About FloSports

Search URL Search Domain Scan URL

URL: http://www.flosports.tv/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.flosports.tv/terms-of-service/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://flomarching.com/ HTTP 301
https://www.flomarching.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.flomarching.com%2F&tiba=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=pBEXYeGQFcaN7_UPm6eWgAg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.flomarching.com%2F&tiba=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pBEXYeGQFcaN7_UPm6eWgAg&cid=CAQSKQCNIrLM1mFo3TMnVVm-GlyjggTU6XwP-u5_itNd9O1RxrXNKaeHhGzw&random=3197743848&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.flomarching.com%2F&tiba=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pBEXYeGQFcaN7_UPm6eWgAg&cid=CAQSKQCNIrLM1mFo3TMnVVm-GlyjggTU6XwP-u5_itNd9O1RxrXNKaeHhGzw&random=3197743848&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCz5oE_7RAntUviigcNhiH8m9x7ic99q10wUsrXsGSZe7gzwRe5YYYFsnYqmUE8DRcVBXnihEy8sxPElcqkGuhz

Request Chain 106

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.flomarching.com%2F&domain=www.flomarching.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=vzgclHw2NmxaU3lTQlprSXEzajJ4SFFVbVVRV2IwWG5JVU4zS0llM3BWa2ZUVHlKWk9HbVVtaVh2bDRxTjR4S2NudDN1QVgyQUU0WTI3UXloN0k3MlNvd0ZGdEtQMm5SZmZUeEM5ZTR6S0pKdTlLbE5UcUVES1lCMjVLNFZVdFc2ZzA4d2NHMk1HUkZycUFXS3M5V3plTW1lN0hoRFM1bjVkcWZnUU5SVFluUDY3ay93OXlORzRhbmowQ3ZHTXlOSDhIOFJyVzVNRTMvTzh2Qk1JbVh0VFhYNjN0ZDFOdmlSazQzZEtuYUd5OFAzNHRFPXw&cppv=2

Request Chain 137

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtelaria%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Btvid%5D HTTP 302
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtelaria%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Btvid%5D

Request Chain 138

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://ow.pubmatic.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=f20fb7cd-ab6d-4269-80d0-bf84c44caad4

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zHxodypzSxCkAASxNOG6Ug%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 150

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=aa816117-11a5-4200-82a0-e8a7a151ef16

Request Chain 151

https://pixel.onaudience.com/?partner=214&mapped=CC7C6877-2A73-4B10-A400-04B134E1BA52 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=12a0fe6dfd125e94053a5f5041fe2a5 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=b35d41fb-cdbb-462e-bed1-2d379e31cbab&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=4c4bc5e88a45b1c9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ab152c93-1eb8-474e-4dd6-3876e3c50f91&reqId=8e0dc1eb-b0d2-494e-657e-c854cc01cfc7&zcluid=4c4bc5e88a45b1c9&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEE21YqvblIEjBlCO5ywSPLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ab152c93-1eb8-474e-4dd6-3876e3c50f91&reqId=8e0dc1eb-b0d2-494e-657e-c854cc01cfc7&zcluid=4c4bc5e88a45b1c9&zdid=1332

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0M3QzY4NzctMkE3My00QjEwLUE0MDAtMDRCMTM0RTFCQTUy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC9fyT-FYmboZaKglTPX0wo&google_cver=1

Request Chain 155

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5113922427259333072

Request Chain 156

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8bda6117-11a5-4100-9c32-67585b21793c&gdpr=0&gdpr_consent=

Request Chain 157

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b35d41fb-cdbb-462e-bed1-2d379e31cbab

Request Chain 158

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3159346312987195551&gdpr=0&gdpr_consent=

Request Chain 167

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRcRo0fgEjsXzRMc5XLtngAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1

Request Chain 169

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB&dcc=t

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEClIYg9pMJHIAgiiJ7GTnzE&google_cver=1

Request Chain 172

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lSlqFtNj1MeHLK5&gdpr=1

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=1&gdpr_consent=

Request Chain 175

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 190

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9081283208147017607

Request Chain 192

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=60fc15b6-e0d5-4fc3-b539-851fb74027fa&expiration=1660437797

Request Chain 193

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRcRo0fgEjsXzRMc5XLtngAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 213

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D

Request Chain 215

https://pr-bh.ybp.yahoo.com/sync/triplelift/12851295919676944657?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883

Request Chain 216

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 217

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12851295919676944657 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t

Request Chain 218

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 223

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D

Request Chain 225

https://pr-bh.ybp.yahoo.com/sync/triplelift/12851295919676944657?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883

Request Chain 226

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 227

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12851295919676944657 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t

Request Chain 228

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 231

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=3159346312987195551

Request Chain 232

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=a0f0ebcd-36c3-412c-bf6d-c2f675633b68&ssp=gumgum2 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=bd9a7795-55e5-4248-9e96-fd7e6be7ded0

Request Chain 233

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-2f0ac21d-6c52-445d-5814-968c43065bae$ip$194.99.105.99

Request Chain 234

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0

Request Chain 235

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7601057945 HTTP 302
https://sync.1rx.io/usersync/tradedesk/b35d41fb-cdbb-462e-bed1-2d379e31cbab HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003

Request Chain 236

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=phzdtFYKOiMn&ev=1&pid=558355

Request Chain 237

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%285eOV3qK9wHr1Pnxyq7QjmSvK_34Fx1ou9KSYlX52qnibpJJ0vq-ch_Jd6akyI2yZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%285eOV3qK9wHr1Pnxyq7QjmSvK_34Fx1ou9KSYlX52qnibpJJ0vq-ch_Jd6akyI2yZ%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&obuid=ENC(5eOV3qK9wHr1Pnxyq7QjmSvK_34Fx1ou9KSYlX52qnibpJJ0vq-ch_Jd6akyI2yZ) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253D5eOV3qK9wHr1Pnxyq7QjmSvK_34Fx1ou9KSYlX52qnibpJJ0vq-ch_Jd6akyI2yZ%2526uid%253D%2523PMUID HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC7C6877-2A73-4B10-A400-04B134E1BA52&redir=true&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJ6l4T1E2uUxnX4KRfyhC27ipPk3K3o-~A&gdpr=0&gdpr_consent=

Request Chain 238

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=26cecf96-e423-4f79-acb2-4cd0f3c2cfc8

Request Chain 239

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-PMH7BrtE2pceJ2rt68lKNcZ9VGmUWHdcMbdI~A

Request Chain 240

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=a285370c-fc98-11eb-89b6-6fc81c3bfb3d

Request Chain 243

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=30d8ddd5-b3bf-45ae-a1e1-3860165ec149

Request Chain 244

https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
https://rtb.gumgum.com/usersync?b=sad&i=7131293978292161307&gdpr=1&gdpr_consent=

Request Chain 247

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=b35d41fb-cdbb-462e-bed1-2d379e31cbab&t=1631493797

Request Chain 248

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 249

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=0&gdpr_consent=

Request Chain 250

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4 HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YRcRqAADwN88bwA4&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4

Request Chain 254

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YRcRp8Co5tAAAM7PGD4AAAAA

Request Chain 255

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=2159827873217128555

Request Chain 256

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=bHF1b5xmklFSoHn9LAbo&pi=gumgum&tc=1

Request Chain 267

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU5NmYwZjg0NjZiOGIzYzM2M2M5MjMyZDk4OTIyYTYzNDRlMzBjZg

Request Chain 268

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YRcRqAADduivcABg HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YRcRqAADduivcABg&_test=YRcRqAADduivcABg

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDayozoIVNoO1R387_INgwY&google_cver=1

Request Chain 271

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/0xIfWn1uQ5mRmxV_ciMkvcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3436555917658132694

Request Chain 272

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1b196117-11a5-4100-8be9-6cf9afe2cb88

Request Chain 274

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NCMjJNOU8tMjMtS1VTTg==

299 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.flomarching.com/
Redirect Chain

http://flomarching.com/
https://www.flomarching.com/

608 KB
54 KB

266ms
166ms

Document
text/html

151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b8bce86865b37d63bc547996728b11fd6d80ddfcc926ef00038749570219a78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:method: GET
:authority: www.flomarching.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-tags: Site-13,Setting-21,Site-27,All-Content,E-Site-27,E-7021812,A-7387426,LE-27417,E-7122058,A-7437672,LE-30331,E-7024265,A-7363638,LE-27875,E-7024266,LE-27876,E-7024267,LE-27877,E-7024269,LE-27878,E-7024271,LE-27879,E-7024273,LE-27880,E-7024276,LE-27881,E-7024278,LE-27882,E-7024282,LE-27884,E-7024285,LE-27885,E-7024286,LE-27886,E-7024288,LE-27887,A-Site-27,Site-Site-27,LE-Site-27,E-Site-27,LE-Site-27,V-Site-27,C-Site-27,CW-Site-27,CW-351,Site-27,CW-354,Site-Site-27,CW-368,C-7134491,A-7137929,CW-362,C-7132283,A-Site-27,CW-367,C-7099596,A-7414144,CW-369,C-6870505,A-448412,CW-355,CW-370,C-7105824,A-7421040,CW-352,CW-360,E-7021812,A-7387426,LE-27417,E-7122058,A-7437672,LE-30331,E-7024265,A-7363638,LE-27875,E-7024266,LE-27876,E-7024267,LE-27877,E-7024269,LE-27878,E-7024271,LE-27879,E-7024273,LE-27880,E-7024276,LE-27881,E-7024278,LE-27882,E-7024282,LE-27884,E-7024285,LE-27885,E-7024286,LE-27886,E-7024288,LE-27887,E-7024290,LE-27888,E-7024294,LE-27889,E-7024297,LE-27890,E-7024299,LE-27891,E-7024303,LE-27892,E-7024304,LE-27893,E-7024305,LE-27894,E-7024309,LE-27895,E-7024312,LE-27897,E-7024313,LE-27898,E-7024317,LE-27899,E-7024318,LE-27900,E-7024321,LE-27901,B-235000,A-7450619,B-234999,A-7450618,B-Site-27,B-234998,A-7450616,B-234994,A-7450605,B-234989,A-7450593,B-234990,A-7450591,B-234988,A-7448340,B-234987,A-7448342,B-234986,A-7450227,B-234985,A-7450543,B-234949,A-7448016,B-234847,V-7134515,V-7134514,A-7450617,V-7134513,V-7134509,A-7450612,V-7134510,A-7450613,V-7134505,A-7450608,V-7134506,A-7450609,V-7134504,V-7134501,A-7450601,V-7134500,A-7450600,V-7134489,V-7134490,V-7132692,A-7448303,V-7132693,A-7448304,V-7132687,A-7448298,V-7132688,A-7448299,V-7132684,A-7448293,V-7132680,A-7448289,V-7132681,A-7448290,V-7132679,A-7448288,V-7132674,A-7448283,V-7132675,A-7448284,V-7132676,A-7448285,V-7132667,A-7448275,All-Content
content-type: text/html; charset=utf-8
content-encoding: gzip
x-flo-ff-server-identity: cache-mdw17382-MDW
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_kube_backend
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17347-MDW
x-flo-flags: flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
x-flo-geo-country-code: PL
x-flo-geo-conn-speed: broadband
x-flo-geo-postal-code: 58-563
x-flo-geo-gmt-offset: 200
x-flo-geo-latitude: 50.810
x-flo-geo-longitude: 15.680
cache-control: public,max-age=10,stale-while-revalidate=30
accept-ranges: bytes
date: Sat, 14 Aug 2021 00:43:15 GMT
age: 221
x-served-by: cache-mdw17347-MDW, cache-hhn4053-HHN
x-cache: HIT, MISS
x-cache-hits: 1, 0
set-cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; Path=/; Expires=Tue, 14 Sep 2021 00:43:15 GMT; Domain=.flomarching.com;
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
access-control-max-age: 86400
vary: Accept-Encoding,x-flo-flags,x-flo-ab-forced,Origin
strict-transport-security: max-age=900
x-flo-info-state: MISS-CLUSTER-cache-hhn4053-HHN
content-length: 51943

Redirect headers

Retry-After: 0
Location: https://www.flomarching.com/
Content-Length: 0
Accept-Ranges: bytes
Date: Sat, 14 Aug 2021 00:43:15 GMT
Connection: close
X-Served-By: cache-hhn4076-HHN
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1628901795.015752,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
access-control-max-age: 86400
Vary: Origin
Strict-Transport-Security: max-age=900
x-flo-info-state: HIT-SYNTH-cache-hhn4076-HHN

GET
H2 200 uni-neue-regular-webfont.woff2
www.flomarching.com/assets/fonts/uni-neue/woff/ 25 KB
25 KB 70ms
69ms Font
application/octet-stream 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/fonts/uni-neue/woff/uni-neue-regular-webfont.woff2

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e27b7e86082eae3822f7182bcc00a3b03272b9bb62c54a388588c15e79b401de

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

sec-fetch-mode: cors
origin: https://www.flomarching.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
:path: /assets/fonts/uni-neue/woff/uni-neue-regular-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
age: 19542
x-flo-geo-latitude: 64.000
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 26.000
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 25576
x-flo-geo-postal-code: ?
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-geo-country-code: FI
expires: Mon, 31 Jan 2022 22:28:47 GMT
last-modified: Wed, 04 Aug 2021 20:49:07 GMT
etag: "9f8c4911e7155a434dc73df62bdc77d5"
x-served-by: cache-mdw17344-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17366-MDW
access-control-allow-origin: https://www.flomarching.com
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/octet-stream
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17344-MDW
x-cache-tags: (null),All-Content
x-cache-hits: 1, 1

GET
H2 200 uni-neue-bold-webfont.woff2
www.flomarching.com/assets/fonts/uni-neue/woff/ 26 KB
26 KB 44ms
43ms Font
application/octet-stream 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/fonts/uni-neue/woff/uni-neue-bold-webfont.woff2

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c8965c190e3d63121553f0f8af08d24178fcb4ed5745252627b882d2c6f4eb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

sec-fetch-mode: cors
origin: https://www.flomarching.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
:path: /assets/fonts/uni-neue/woff/uni-neue-bold-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
age: 16175
x-flo-geo-latitude: 50.140
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 8.960
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 26244
x-flo-geo-postal-code: 63452
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-geo-country-code: DE
expires: Tue, 01 Feb 2022 17:03:23 GMT
last-modified: Wed, 04 Aug 2021 22:44:10 GMT
etag: "b57c6ed8da2d5ea66ad8b2ca0023638c"
x-served-by: cache-mdw17336-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17358-MDW
access-control-allow-origin: https://www.flomarching.com
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/octet-stream
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17336-MDW
x-cache-tags: (null),All-Content
x-cache-hits: 1, 1

GET
H2 200 uni-neue-heavy-webfont.woff2
www.flomarching.com/assets/fonts/uni-neue/woff/ 26 KB
26 KB 43ms
43ms Font
application/octet-stream 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/fonts/uni-neue/woff/uni-neue-heavy-webfont.woff2

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d45e17edaa2bd0c9d3de3f020b1a890f8a6fd81ea69cd1a9aa26f7a89054da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

sec-fetch-mode: cors
origin: https://www.flomarching.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
:path: /assets/fonts/uni-neue/woff/uni-neue-heavy-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
age: 16138
x-flo-geo-latitude: 65.600
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 22.150
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 26412
x-flo-geo-postal-code: 971 00
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-geo-country-code: SE
expires: Wed, 02 Feb 2022 17:44:31 GMT
last-modified: Fri, 06 Aug 2021 17:11:10 GMT
etag: "8a799733a7e27f0451b5e4bb59734ea8"
x-served-by: cache-mdw17327-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17371-MDW
access-control-allow-origin: https://www.flomarching.com
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/octet-stream
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17327-MDW
x-cache-tags: (null),All-Content
x-cache-hits: 1, 1

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160547/3819/ 512 KB
138 KB 196ms
64ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 999a1f816dc7558feadba3fcdb682a974851a11b7d9b3c6386f288b62a2650e4

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 18:35:41 GMT
server: Apache/2.2.15 (CentOS)
etag: "1481d2a-80144-5c8d42fa0256b"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=83787
accept-ranges: bytes
content-type: text/javascript
content-length: 140571
expires: Sat, 14 Aug 2021 23:59:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 190ms
96ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

060ea0ac3c4e50f805673b0f458b0b2a671cb6b3cae6d4a537c683a26356e834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "958 / 508 of 1000 / last-modified: 1628892752"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25212
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:15 GMT

GET
H2 200 styles.e187e11a07ae33ed3d64.css
www.flomarching.com/ 231 KB
38 KB 76ms
76ms Stylesheet
text/css 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/styles.e187e11a07ae33ed3d64.css

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

13dc7983f0f20952c727e55aeac98d6c5f8a78425822870190ec747a7448e6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /styles.e187e11a07ae33ed3d64.css
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
age: 16139
x-flo-geo-latitude: 48.530
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 9.310
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 38400
x-flo-geo-postal-code: 72555
x-flo-geo-country-code: DE
expires: Tue, 01 Feb 2022 21:35:40 GMT
last-modified: Thu, 05 Aug 2021 21:33:19 GMT
etag: "71364333cf4487856f17e268abca0f51"
x-served-by: cache-mdw17333-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17336-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17333-MDW
x-cache-hits: 1, 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 196ms
70ms Script
application/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:41:49 GMT
content-encoding: gzip
server: Server
age: 85
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: MRS52-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
x-amz-cf-id: Qg5OjceG5VedPrX4IDWhDVPbD1aob7kGjfSToAjp0Y1x_Zd7l52Q3Q==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Aug 2022 00:41:33 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 39ms
12ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a734a9ed391eabb9b4ce0a6db4ab199bd03abee8bbe756b3917c81d4062662dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: v2TiAef8zqrHT1cYBg+E7w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: zPK12zZG/85GBkjZEdL3E0COU9ZtIg3x/4V5xvPN576/hhzzuKJCMCIhzFUNOaqR9CMkubiyahV/k2M29Tay4g==
x-fb-trip-id: 1709462857
x-fb-content-md5: 788d92de2a80113ec35110cb8dfa0ceb
x-frame-options: DENY
etag: "c6babb973344b58387704ff6cea9738e"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 14 Aug 2021 00:51:34 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
22 KB 64ms
43ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4RQnGpfzRCatvTOUkAJqvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "30d1d2919676634bf2aebe648f84c2ce"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-4RQnGpfzRCatvTOUkAJqvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 14 Aug 2021 00:43:15 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 341 KB
118 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120564
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:15 GMT

GET
H2 200 runtime-es2015.a5137cbca45019b5c0dc.js Show response
www.flomarching.com/ 4 KB
3 KB 55ms
54ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/runtime-es2015.a5137cbca45019b5c0dc.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b5b7a750630ae55f522395642f16a3a13a3d43e27679ec65dfd4737f46ff3ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

sec-fetch-mode: cors
origin: https://www.flomarching.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: script
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
:path: /runtime-es2015.a5137cbca45019b5c0dc.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
age: 16198
x-flo-geo-conn-speed: broadband
x-flo-geo-country-code: DE
x-cache-hits: 4, 1
strict-transport-security: max-age=900
x-flo-geo-postal-code: 66780
etag: "022e929ebe9b6a06093f33f9543b4074"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
content-type: application/javascript
access-control-allow-origin: https://www.flomarching.com
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
x-flo-info-state-shield: HIT-cache-mdw17355-MDW
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-cache-tags: (null),All-Content
date: Sat, 14 Aug 2021 00:43:15 GMT
x-flo-geo-latitude: 49.370
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-cache: HIT, HIT
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
x-flo-geo-longitude: 6.680
content-length: 2380
last-modified: Fri, 13 Aug 2021 20:12:17 GMT
x-served-by: cache-mdw17355-MDW, cache-hhn4053-HHN
access-control-max-age: 86400
expires: Wed, 09 Feb 2022 20:13:16 GMT
access-control-allow-credentials: true
accept-ranges: bytes
x-flo-ff-server-identity: cache-mdw17363-MDW

GET
H2 200 polyfills-es2015.2ebf71d0bda85b2f65d1.js Show response
www.flomarching.com/ 40 KB
14 KB 58ms
57ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

813da193d2491df516bbda18ec2172783c70b3ee25e755348588c2f71db674da

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

sec-fetch-mode: cors
origin: https://www.flomarching.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: script
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
:path: /polyfills-es2015.2ebf71d0bda85b2f65d1.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
age: 16137
x-flo-geo-conn-speed: broadband
x-flo-geo-country-code: DE
x-cache-hits: 1, 1
strict-transport-security: max-age=900
x-flo-geo-postal-code: 10965
etag: "0b406b332485fcce3caa39223e5191a6"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
content-type: application/javascript
access-control-allow-origin: https://www.flomarching.com
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17345-MDW
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-cache-tags: (null),All-Content
date: Sat, 14 Aug 2021 00:43:15 GMT
x-flo-geo-latitude: 52.490
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-cache: HIT, HIT
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
x-flo-geo-longitude: 13.380
content-length: 13836
last-modified: Tue, 20 Jul 2021 22:26:03 GMT
x-served-by: cache-mdw17345-MDW, cache-hhn4053-HHN
access-control-max-age: 86400
expires: Sun, 16 Jan 2022 22:31:34 GMT
access-control-allow-credentials: true
accept-ranges: bytes
x-flo-ff-server-identity: cache-mdw17376-MDW

GET
H2 200 main-es2015.46436c05f60a6ba92f0e.js Show response
www.flomarching.com/ 2 MB
508 KB 61ms
60ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/main-es2015.46436c05f60a6ba92f0e.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b559bcc186aaab30f3995f33ceb09f366a89df958d3903d68bcabc75f3cfcff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

sec-fetch-mode: cors
origin: https://www.flomarching.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: script
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
:path: /main-es2015.46436c05f60a6ba92f0e.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
age: 16198
x-flo-geo-conn-speed: broadband
x-flo-geo-country-code: DE
x-cache-hits: 1, 1
strict-transport-security: max-age=900
x-flo-geo-postal-code: 66780
etag: "747004270cf5964e613d245ebbd494d4"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
content-type: application/javascript
access-control-allow-origin: https://www.flomarching.com
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17380-MDW
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-cache-tags: (null),All-Content
date: Sat, 14 Aug 2021 00:43:15 GMT
x-flo-geo-latitude: 49.370
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-cache: HIT, HIT
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
x-flo-geo-longitude: 6.680
content-length: 519471
last-modified: Fri, 13 Aug 2021 20:12:17 GMT
x-served-by: cache-mdw17380-MDW, cache-hhn4053-HHN
access-control-max-age: 86400
expires: Wed, 09 Feb 2022 20:13:16 GMT
access-control-allow-credentials: true
accept-ranges: bytes
x-flo-ff-server-identity: cache-mdw17334-MDW

GET
H2 200 siop.min.js Show response
siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/ 409 KB
81 KB 62ms
42ms Script
text/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c57668d799c05b305d72263688290fbfd9d4f7ec2e86cfece76501bc4da3c85a

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 02:49:50 GMT
age: 148
etag: W/"34d94cfe57ca8359f5cf275c93de1616"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
accept-ranges: bytes
content-length: 82543

GET
H2 200 60faf3d497f54.png
d2779tscntxxsw.cloudfront.net/ 53 KB
53 KB 53ms
14ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/60faf3d497f54.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: cf6e6e7f929f310bc6bc0a087d7a9b34314104917001c9a9947aaf1622e61663

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:52:07 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 402668
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 1042
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: P82CNrJJFoGiTcPhIow4bIaczxogXLCtMXVTffqLAMgBSCJjqpUpnQ==
expires: Wed, 08 Sep 2021 08:52:06 GMT

GET
H2 200 60b65d38ca4c9.png
d2779tscntxxsw.cloudfront.net/ 50 KB
50 KB 53ms
13ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/60b65d38ca4c9.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 5fa8481878b49167133eff726e4ab736239b15e171b6c668718f63e29165eb2e

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:52:07 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 402668
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 1212
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: BXE42BpVDqLmi29rcw-wGWH_hDebr-Eht-iKkdrjGOHSNZ5m5wtgIA==
expires: Wed, 08 Sep 2021 08:52:07 GMT

GET
H2 200 60a3d8f59a45c.png
d2779tscntxxsw.cloudfront.net/ 10 KB
11 KB 53ms
14ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/60a3d8f59a45c.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 6276ef44e1b039a72a40be45493677f307cd6788f0db0c7a384006375ffd2b3d

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:32:57 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 342618
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 476
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: DkdUEeRqT1TffW99mT0W1qXdkU3BffqCLPcGECIEHEg0takZuNnQug==
expires: Thu, 09 Sep 2021 01:32:57 GMT

GET
H2 200 cbc2a8b293c478abfc6e0c3ccf17ee3c869a4816560.png
d2779tscntxxsw.cloudfront.net/ 17 KB
18 KB 753ms
714ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/cbc2a8b293c478abfc6e0c3ccf17ee3c869a4816560.png?width=350&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 8a106b8652b91ab3ac437fa477ffbe98af9fb3db2456128af897ab098c52349e

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 576
access-control-allow-methods: GET
x-amz-cf-id: GEUiFp-cFFGiBvS960CfgacACnetSHxqG0vuGVnDCDEX60uC3iiPeg==
expires: Mon, 13 Sep 2021 00:43:15 GMT

GET
H2 200 61170dfc304f9.png
d2779tscntxxsw.cloudfront.net/ 18 KB
19 KB 1145ms
1106ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/61170dfc304f9.png?width=350&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 0a9beef5ee6896e9bc44d1bdaee3d5e5391fc88b9fff13993d23e59ceb37f8a0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:16 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 816
access-control-allow-methods: GET
x-amz-cf-id: IHuz3mrZCeILeyfGqnIgEWURIWJ94KEQmsTB9a571O_Gs73YlXRNjw==
expires: Mon, 13 Sep 2021 00:43:16 GMT

GET
H2 200 85c0955bbebf55cab24b3f0a1c215e8f128a1836746.png
d2779tscntxxsw.cloudfront.net/ 22 KB
22 KB 697ms
669ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/85c0955bbebf55cab24b3f0a1c215e8f128a1836746.png?width=350&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 88d66dd235a51db8964750afb6766283c32d0a0e0f07f310a13b13935b4ddb7b

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 423
access-control-allow-methods: GET
x-amz-cf-id: g7XEYv6MPiukCwWOwxmpR8uvDauERLobMmeS00qvwiqeqLHf-Z7TgQ==
expires: Mon, 13 Sep 2021 00:43:15 GMT

GET
H2 200 0d71b115724dac3be60b1113ad025845281006aa192.png
d2779tscntxxsw.cloudfront.net/ 15 KB
15 KB 700ms
699ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/0d71b115724dac3be60b1113ad025845281006aa192.png?width=350&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: a492c608a17e551b2718602bc34222f0952188b42127595afcafd5b86f23323c

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 437
access-control-allow-methods: GET
x-amz-cf-id: 4ox1QVtmnXsqIzvlGfAVjejTYEAwNMDj8vqV10emagGI351xL6_kNw==
expires: Mon, 13 Sep 2021 00:43:15 GMT

GET
H2 200 6116ecb51a66b.png
d2779tscntxxsw.cloudfront.net/ 18 KB
18 KB 986ms
985ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/6116ecb51a66b.png?width=350&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 0c4a6e852dacaa95701c33001ec71f74850f06ae6eb90e625d24737326cf7994

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:16 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 663
access-control-allow-methods: GET
x-amz-cf-id: mgGdkL_GdjnEyqvg9yifUzufbqc_WHOBVO5QKxgrU6lDL7mpd3FSDg==
expires: Mon, 13 Sep 2021 00:43:16 GMT

GET
H2 200 57eaae0ed936c835555bb4e5dcc26aa275f9bc1b932.png
d2779tscntxxsw.cloudfront.net/ 14 KB
15 KB 627ms
626ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/57eaae0ed936c835555bb4e5dcc26aa275f9bc1b932.png?width=350&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 9270785b7bdfb22633fbabd7e1ad13ffc06bc99ec0955e68f62c983ff529e7b1

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 367
access-control-allow-methods: GET
x-amz-cf-id: 8403_n4Z6zqU7MavsiGatSk3OtqVY5kC9UAMe0w6M77mXNLdLf0MtQ==
expires: Mon, 13 Sep 2021 00:43:15 GMT

GET
H2 200 NYQBGVBrREykDA3VMbLEyjb2R5Z4VP8k.jpg
d2779tscntxxsw.cloudfront.net/ 16 KB
16 KB 41ms
40ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/NYQBGVBrREykDA3VMbLEyjb2R5Z4VP8k.jpg?width=350&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: c8804f79c4dc4d92da7ef9e8940574296a91e895a26a281d9b661d1949e67d6b

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 21:51:24 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 10310
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 373
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: FHYiYPXPq4SVBAGqCtDGr_Um9bHLlrve2-7z5RY3g_vMXFySrEr7UA==
expires: Sun, 12 Sep 2021 21:51:24 GMT

GET
H2 200 cbc2a8b293c478abfc6e0c3ccf17ee3c869a4816560.png
d2779tscntxxsw.cloudfront.net/ 54 KB
54 KB 700ms
699ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/cbc2a8b293c478abfc6e0c3ccf17ee3c869a4816560.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 883e29abad1c269bf9efc4d908a69cfd872469bddc6321714c89f641b9b8967c

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 454
access-control-allow-methods: GET
x-amz-cf-id: blsQGot_rWzAP38CXgOwTDJz2EMQ4JUJFjVLrsh3XmyB-qI9MZsFjw==
expires: Mon, 13 Sep 2021 00:43:15 GMT

GET
H2 200 56a34b0cf1c0e73730ca0b087caf5ee98ce8c6d2904.png
d2779tscntxxsw.cloudfront.net/ 59 KB
59 KB 713ms
712ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/56a34b0cf1c0e73730ca0b087caf5ee98ce8c6d2904.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 4b375fd81efc46a2aa06055ad2ab2b1f7ea3b524a52396c746e7313447b55a61

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 467
access-control-allow-methods: GET
x-amz-cf-id: XYoqjzxRXvlvbbqF5g4SspNtR6IPvv4bo11rAU15DY1Dbhayh_GYIw==
expires: Mon, 13 Sep 2021 00:43:15 GMT

GET
H2 200 85c0955bbebf55cab24b3f0a1c215e8f128a1836746.png
d2779tscntxxsw.cloudfront.net/ 67 KB
68 KB 797ms
796ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/85c0955bbebf55cab24b3f0a1c215e8f128a1836746.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: ba302e46d9c96068219a0b2391af3e44a1e5f8b1f6c5a880c6ab008ddc7d854a

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS1-C1
x-powered-by: PHP/7.3.28
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-request-method: GET
x-envoy-upstream-service-time: 536
access-control-allow-methods: GET
x-amz-cf-id: OtoI_VF060cpiTD_HeXQfw7C71BpwcIJdPrfgQqGxQNzOV-beVFQUg==
expires: Mon, 13 Sep 2021 00:43:15 GMT

GET
H2 200 f5390e05d0c8a692cbccc6f0e856856c6d44ed691.png
d2779tscntxxsw.cloudfront.net/ 57 KB
57 KB 39ms
37ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/f5390e05d0c8a692cbccc6f0e856856c6d44ed691.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 48f0843f79cffa9ff89aff9dce8cf1b00bcbfdcb4ff4b5bc04d1ed067b67edd1

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:57:01 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 2774
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 443
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: fjbgYoWSai5yBg4hq9WP9eaENZKo5FX5I-yGPm1vkz1Nz8pOiHgs2Q==
expires: Sun, 12 Sep 2021 23:57:01 GMT

GET
H2 200 9851fd22c06c9058fc11a20a514f445ec7c4bfab375.png
d2779tscntxxsw.cloudfront.net/ 59 KB
60 KB 22ms
21ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/9851fd22c06c9058fc11a20a514f445ec7c4bfab375.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 8cc2e0240761836b85800156847304dee1879ccd514846733fb710cdb830c5ae

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:34:19 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 61736
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 439
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: z0bbrQs6NGfvvFiZwXo5HyuVZsXcoZVziXcUQD3g9to0CZYu0bad6g==
expires: Sun, 12 Sep 2021 07:34:19 GMT

GET
H2 200 ddc4e09a5030d6be4e1f7268d0513e9de428a26f198.png
d2779tscntxxsw.cloudfront.net/ 65 KB
65 KB 23ms
22ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/ddc4e09a5030d6be4e1f7268d0513e9de428a26f198.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 1f31fbd6c353cda90b0acbfcc0a8f3beb7051e216bb4d9b8007816f58941c44a

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 07:34:18 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 61736
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 469
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: pJSqz23qkSAkVXiKoCpWla0wSJ6i5bVm2Dm5IM_3wyUiPjwMlX2Yzw==
expires: Sun, 12 Sep 2021 07:34:19 GMT

GET
H2 200 ed26311c33c71802f11bf8f15d22a193fefef70c729.png
d2779tscntxxsw.cloudfront.net/ 61 KB
61 KB 23ms
21ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/ed26311c33c71802f11bf8f15d22a193fefef70c729.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 2bd891156214f92463ac5242f1baa7a1db087992fd54d78cc939a99b10f0856a

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 02:49:17 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 78837
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 432
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 4PbAHp926Ig84tNB4WBgRHmygHRMvPyfwNHVE-G-RqqB2Jymh0hemA==
expires: Sun, 12 Sep 2021 02:49:17 GMT

GET
H2 200 4e12f7de7e064a90a920953910d3499908fafcae890.png
d2779tscntxxsw.cloudfront.net/ 61 KB
62 KB 23ms
22ms Image
image/jpeg 2600:9000:2104:4a00:6:3e38:9800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2779tscntxxsw.cloudfront.net/4e12f7de7e064a90a920953910d3499908fafcae890.png?width=720&quality=80
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4a00:6:3e38:9800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy / PHP/7.3.28
Resource Hash: 030d7c998269627b04c6d9fdc96c2a704c4c7d00142a598635555227589311cc

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 02:49:17 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
age: 78837
x-powered-by: PHP/7.3.28
x-cache: Hit from cloudfront
x-request-method: GET
x-envoy-upstream-service-time: 416
pragma: cache
server: istio-envoy
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://admin.flomarching.com
cache-control: max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: oLC4NLpTgAjpuL_qbTSiustDn_PhVRyczB1RMrYBSfJgZgX_iDMZGg==
expires: Sun, 12 Sep 2021 02:49:17 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 230 KB
67 KB 27ms
12ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e4b75a4a56d76c62cf2edc6c509bdd87

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

281ebcf418fe495868ff63157a5780d68b4f52452b1c210557a4305d72447ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.flomarching.com
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nOCSlx0lAZ0ib1QiDqAYgg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68275
x-fb-rlafr: 0
x-fb-debug: STmsJjSS6z4AmmHIAPdhkcpsYZmADGEqkfGWME0HojAVkHOzULPPX0BKtlIpIZf1DiDpqVkp04jKHSakm0xtoQ==
x-fb-content-md5: c178c06071a006e19e1baf1ce256111a
x-frame-options: DENY
date: Sat, 14 Aug 2021 00:43:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b505b7661cdb457c4782a3e39c5c174f"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 13 Aug 2022 23:20:29 GMT

OPTIONS
H2 204 geo
live-api-3.flosports.tv/events/ Frame 0
0 157ms
46ms Preflight 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://live-api-3.flosports.tv/events/geo?eventIds=30331,27417,27875,27876,27877,27878,27879,27880,27881,27882,27884,27885

Protocol

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.flomarching.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

retry-after: 0
accept-ranges: bytes
date: Sat, 14 Aug 2021 00:43:15 GMT
x-served-by: cache-hhn4077-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1628901796.871897,VS0,VE1
access-control-allow-origin: https://www.flomarching.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
access-control-max-age: 86400
vary: Origin
strict-transport-security: max-age=900

GET
H2 200 v3 Show response
js.stripe.com/ 234 KB
64 KB 369ms
109ms Script
application/javascript 52.84.45.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/main-es2015.46436c05f60a6ba92f0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-121.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2d0c068778f9ddf50cfd9b3ba3dae7d045cad544b1b9efabeb647bef10fa170c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:09 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 7
via: 1.1 e79b73e5f9ad915693bd9b6946372e82.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 13Z8VPQ9QZ1KTA6R
x-amz-id-2: 2da6W7vG6bWLN8Iu4j1Qi9AvuRznWxfWfnTPemWOKcx8rhHzAMYGBAMBRYgEhC/Hd9dTG0lW2ZE=
last-modified: Thu, 12 Aug 2021 14:57:47 GMT
server: AmazonS3
etag: W/"b92df85813fb3e61b4be05d05c000af8"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: 7BX8TpOUILLazuGsyELZpMD-6pKjismUVW_8epDERNOWe2fcsZigLg==

GET
H2 200 ad-server.js Show response
app30.flosports.tv/ 2 B
435 B 195ms
59ms XHR
application/json 13.224.193.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app30.flosports.tv/ad-server.js?doubleclick=1&gen_204=1&id=wfocus&gqid=advertisment&advert=ads&pagead=1&ad_code=0
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-90.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Fri, 06 Jul 2018 14:53:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "99914b932bd37a50b983c5e7c90ae93b"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Hit from cloudfront
content-length: 2
x-amz-cf-id: yTX-uxj2fwUp_z6wnys-Izon4ZYpoXtyvE18KVYs2ew1wOJ21LZAKg==
access-control-expose-headers: Access-Control-Allow-Origin

GET
H2 200 867-es2015.86cc5182e8a694808615.js Show response
www.flomarching.com/ 5 KB
2 KB 44ms
43ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/867-es2015.86cc5182e8a694808615.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/runtime-es2015.a5137cbca45019b5c0dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecb21dfcccca26bfa76080c5e80c2f6a56deb4510378f9e99cfccf090ced00ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /867-es2015.86cc5182e8a694808615.js
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
age: 16174
x-flo-geo-latitude: 60.170
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 24.930
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 1835
x-flo-geo-postal-code: 00100
x-flo-geo-country-code: FI
expires: Tue, 08 Feb 2022 14:27:12 GMT
last-modified: Thu, 12 Aug 2021 14:26:09 GMT
etag: "29a311b51d174cccfa47b3b3861a5277"
x-served-by: cache-mdw17360-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
content-type: application/javascript
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
accept-ranges: bytes
x-flo-info-state-shield: HIT-cache-mdw17360-MDW
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-cache-tags: (null),All-Content
x-flo-ff-server-identity: cache-mdw17328-MDW
x-cache-hits: 2, 1

GET
H2 200 744-es2015.218d053881efaa682334.js Show response
www.flomarching.com/ 980 B
1 KB 43ms
43ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/744-es2015.218d053881efaa682334.js

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/runtime-es2015.a5137cbca45019b5c0dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4691b46e5ed0f4452b0b1a0651408350fc5d99a1b17b71e64602d2353f8b8109

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /744-es2015.218d053881efaa682334.js
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
age: 16138
x-flo-geo-latitude: 49.360
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 6.810
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 477
x-flo-geo-postal-code: 66793
x-flo-geo-country-code: DE
expires: Wed, 02 Feb 2022 16:01:43 GMT
last-modified: Fri, 06 Aug 2021 15:55:49 GMT
etag: "8096e5a92250009f570cabfc76212afe"
x-served-by: cache-mdw17353-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17320-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-cache-mdw17353-MDW
x-cache-hits: 2, 1

GET
H2 207 geo Show response
live-api-3.flosports.tv/events/ 1 KB
2 KB 474ms
474ms XHR
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://live-api-3.flosports.tv/events/geo?eventIds=30331,27417,27875,27876,27877,27878,27879,27880,27881,27882,27884,27885

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55bc7f344301bb4134213fdd47aa1f03dcd41ca5f1164fa61893c00ba4b94bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
x-flo-geo-latitude: 50.810
x-flo-backend-name: 4DP4A2wYflT5HAWrBkI3ZW--F_kube_backend
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
access-control-max-age: 86400
x-flo-geo-longitude: 15.680
x-cache: MISS
strict-transport-security: max-age=900
content-length: 1534
x-served-by: cache-hhn4077-HHN
accept-ranges: bytes
x-flo-geo-postal-code: 58-563
etag: W/"5fe-Lp1ySlS7MIVDaesPrc9oddEvX+E"
vary: Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.flomarching.com
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
access-control-allow-credentials: true
x-flo-geo-country-code: PL
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-ff-server-identity: cache-hhn4077-HHN
x-cache-hits: 0

GET
H2 200 icon-search.svg Show response
www.flomarching.com/assets/svg/ 497 B
738 B 44ms
44ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/icon-search.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

669a7761d32471eec3ff2fbaf0836575a15ab8616e6ad72a9cd3578dcb86d0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/icon-search.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
age: 16136
x-flo-geo-latitude: 52.490
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 13.380
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 320
x-flo-geo-postal-code: 10965
x-flo-geo-country-code: DE
expires: Tue, 04 Jan 2022 19:20:23 GMT
last-modified: Thu, 08 Jul 2021 19:03:52 GMT
etag: "f2bb50c502b91af10ee3044fae978265"
x-served-by: cache-mdw17366-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17334-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17366-MDW
x-cache-hits: 1, 1

GET
H2 200 icon-angle-down.svg Show response
www.flomarching.com/assets/svg/ 260 B
877 B 43ms
43ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/icon-angle-down.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4afecaa473d14d021d631ed55b529c72e2ca6614da1de0b3b995a801c5872f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/icon-angle-down.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
age: 16137
x-flo-geo-latitude: 65.600
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 22.150
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 202
x-flo-geo-postal-code: 971 00
x-flo-geo-country-code: SE
expires: Mon, 07 Feb 2022 13:46:37 GMT
last-modified: Tue, 10 Aug 2021 15:14:12 GMT
etag: "122627c625f4d55915c95920bacc3bd8"
x-served-by: cache-mdw17376-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17377-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17376-MDW
x-cache-hits: 1, 1

GET
H2 200 icon-search.svg Show response
www.flomarching.com/assets/svg/ 497 B
453 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/icon-search.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

669a7761d32471eec3ff2fbaf0836575a15ab8616e6ad72a9cd3578dcb86d0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/icon-search.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
age: 16136
x-flo-geo-latitude: 52.490
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 13.380
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 320
x-flo-geo-postal-code: 10965
x-flo-geo-country-code: DE
expires: Tue, 04 Jan 2022 19:20:23 GMT
last-modified: Thu, 08 Jul 2021 19:03:52 GMT
etag: "f2bb50c502b91af10ee3044fae978265"
x-served-by: cache-mdw17366-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17334-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17366-MDW
x-cache-hits: 1, 2

GET
H2 200 icon-share.svg Show response
www.flomarching.com/assets/svg/ 883 B
1012 B 43ms
43ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/icon-share.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

163954c4821b36836cef3f5c69240a1d0c234418a2b6b6d69558ae196c8dfdf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/icon-share.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
age: 16174
x-flo-geo-latitude: 65.600
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 200
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 22.150
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 386
x-flo-geo-postal-code: 971 00
x-flo-geo-country-code: SE
expires: Wed, 12 Jan 2022 22:09:08 GMT
last-modified: Fri, 16 Jul 2021 22:04:58 GMT
etag: "a98a0679d85ce9a017617c7df20f0b66"
x-served-by: cache-mdw17354-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17330-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17354-MDW
x-cache-hits: 1, 1

POST
H2 200 p Show response
siop.flosports.tv/v1/ 21 B
62 B 683ms
683ms XHR
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://siop.flosports.tv/v1/p
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
accept-ranges: bytes
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
siop.flosports.tv/v1/ 21 B
50 B 705ms
705ms XHR
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://siop.flosports.tv/v1/t
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
accept-ranges: bytes
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 157ms
58ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: siop.flosports.tv
URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: siop.flosports.tv
URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: HZnxtQiANWr2LaCWwFu2h9sU9eQvVglxYp2Mp48PJPJoz1WWfa5h2rTywnmMaCHCLSXz7Cs4f3CkqObmA2+KTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 14 Aug 2021 00:43:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: siop.flosports.tv
URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5374
date: Fri, 13 Aug 2021 23:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sat, 14 Aug 2021 01:13:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 149 KB
55 KB 42ms
22ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K9PLZBZ&l=dataLayer

Requested by

Host: siop.flosports.tv
URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a0c72ca12bddce31f01a7b21048970cbf8225b7b6257b51fe62835ba67e12f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55384
x-xss-protection: 0
last-modified: Sat, 14 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 24ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: siop.flosports.tv
URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 21 Aug 2021 00:43:15 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 48ms
47ms Script
application/javascript 65.9.73.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: siop.flosports.tv
URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:25:27 GMT
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1069
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 3hxVGKLQ5_HfpGuFwGkS8OqsG0PjNSoJ5IIJvMT-fiygrF9SX6vi8A==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 59ms
13ms Script
application/x-javascript 2600:9000:20eb:d400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: siop.flosports.tv
URL: https://siop.flosports.tv/siop.js/v1/6VZ9qas6vcOK17MwJKsGwjun0Ps5PrGG/siop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 16:13:39 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 30577
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1rlaGT9l-dWQ6vJA93R_MZedm654cT_Nk2lPabSO2CTOnngp0Fh8RA==
expires: Sat, 14 Aug 2021 16:13:39 GMT

POST
H2 200 t Show response
siop.flosports.tv/v1/ 21 B
50 B 699ms
699ms XHR
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://siop.flosports.tv/v1/t
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
accept-ranges: bytes
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
siop.flosports.tv/v1/ 21 B
50 B 682ms
681ms XHR
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://siop.flosports.tv/v1/t
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
accept-ranges: bytes
content-length: 21
vary: Origin
content-type: application/json

GET
H3-29 200 pubads_impl_2021081001.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 62ms
60ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Aug 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117457
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 121 B
123 B 58ms
57ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.flomarching.com

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f51278e5dc725439bb4feea142914eb646127b5bb1b1b0e64cdff601f4aa11bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
305 B 177ms
176ms XHR
text/plain 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.flomarching.com%2F&pubid=2e897944-3457-4bd4-87d9-700e22317ff4
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
via: 1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MRS52-P1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.flomarching.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: vCEyjOxQdUsI9WV6am7t-g-kZv4C3Gj3LY7vI6pdLt0aZcYh3IIonA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 86ms
86ms XHR
application/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: MRS52-P1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Sat, 14 Aug 2021 00:43:16 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: 6F9TpDVvrxs3yo8lPe7qizujcFsOOmbJy2dazhQHAsEKCNLsO4A1yw==

GET
H2 200 rules-p-e8u2ehsCGVQg-.js Show response
rules.quantcount.com/ 28 KB
4 KB 39ms
12ms Script
application/javascript 2600:9000:2104:b200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-e8u2ehsCGVQg-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:b200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c52f74446960de5f120555da753975d717c24ac3c101c696d3d9aa764ce49c

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:10:21 GMT
content-encoding: gzip
age: 1976
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 25 Nov 2020 18:21:07 GMT
server: AmazonS3
etag: W/"945563de9259416ef401c38454b00f41"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: dF0mO5zh1elv2I-UqTHrBARlMa7_8tbgKrdaK4GED8TImKqCrGXfVw==

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: ZohYJCVDvc/GslKh4SHYVhedu3M68ejzPpxi9HdhOwFsioWDXymrXTCuzA9WVkUufeXcOlFvNg81SBi1nrkPWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 14 Aug 2021 00:43:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 634980329980573 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/634980329980573?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72f303712229aedd969de04a9bae84be2c9c0f7e22a3387499474df19de0e9c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73812
x-xss-protection: 0
pragma: public
x-fb-debug: gOyYP38tBmz/QkAAM7Rmx77BE4S/14zngvxqzeH6tRZaSJkQI7h9/14l0RJyyZZuDY8MBgbB3u/YBvxVwZ6RlA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 14 Aug 2021 00:43:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 57ms
56ms Image
text/plain 65.9.73.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=10037191&ns__t=1628901796070&ns_c=UTF-8&cv=3.5&c8=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&c7=https%3A%2F%2Fwww.flomarching.com%2F&c9=
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: lwzUVcRAXLlxnY2i0ZLufJrpQoSOH5Q-wKkwjicFLnrNbtCQ8lu-rA==
x-cache: Miss from cloudfront

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1602
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sat, 14 Aug 2021 01:16:34 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 400ms
133ms Image
image/gif 54.88.105.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=flomarching.com&p=%2F&u=BWUp8ZDzIc3MDLUybN&d=flomarching.com&g=27388&g0=Watch&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2440&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1166&t=DKr60UCCuhla84IBBEHt9s2D_n&V=128&i=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&tz=-120&sn=1&sv=9W8QwCTdkT_D-L_AiBBfDEHCmGrx5&sd=1&im=06532c43&_
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.105.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-105-93.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-03GX1D5BJ3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9PLZBZ&l=dataLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71108fc3ed6547574504446a633969af8f709d6bc30b75301c43a3ff1d61d6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51278
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 10 KB
4 KB 263ms
62ms Script
text/plain 52.19.154.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N2779-404

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.154.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-154-16.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6be2d3525ac65706af2673badcb5232afe47ae9e1bf5099948db1f767565b8b7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 00:43:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 07:00:44 GMT
Server: nginx
ETag: "60f7c61c-ef2"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 3826
X-XSS-Protection: 1; mode=block
Expires: Sun, 15 Aug 2021 00:43:16 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 530ms
136ms Script
text/javascript 52.202.228.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.228.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-228-151.compute-1.amazonaws.com
Software: /
Resource Hash: 8938c578cb609a095da3e62c54aa6a8a2b278561bb51eeb98b4dd714181162a8

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Aug 2021 00:43:16 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4441
Connection: keep-alive
Content-Type: text/javascript

GET
H2 200 oribi.js Show response
cdn.oribi.io/Xy0xNjk1MDk4Mzg1/ 3 B
299 B 52ms
15ms Script
application/javascript 2600:9000:21f3:3a00:13:c079:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oribi.io/Xy0xNjk1MDk4Mzg1/oribi.js
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3a00:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:42:29 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
age: 47
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=60
x-amz-cf-pop: FRA2-C2
content-length: 3
x-amz-cf-id: Mkm7pMCrBg-jt2ZQP0uEy4Kg9LT3n8duKYgjaIz0IDojsEpWYnctyg==
x-application-context: application

GET
H/1.1 200
OK up_loader.1.1.3.js Show response
js.adsrvr.org/ 20 KB
6 KB 158ms
53ms Script
application/x-javascript 65.9.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.3.js
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6401f2e25898c6034f2b33dead7f4f3d57fa4b23e63b04df6efe1e0df1271131

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 03:19:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:36 GMT
Server: AmazonS3
Age: 77007
ETag: W/"913ff9d578e5dd7822fba7f8626b4851"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: R-wgJBBkzKXfHNIekYAH-M9xjtNIGSaUMHdfG4V-ACQ9nVFoYls15A==

GET
H2 200 bundle.js Show response
4788290a-f608-454f-9b84-d62b35cdcd20.redfastlabs.com/assets/ 221 KB
72 KB 98ms
35ms Script
application/javascript 2600:9000:21f3:1c00:17:5c81:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4788290a-f608-454f-9b84-d62b35cdcd20.redfastlabs.com/assets/bundle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9PLZBZ&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:17:5c81:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37498a8e0dc72bfd2ca25db11c1757695609c9a352bf3e05ddb71628dc4b217e

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:33:59 GMT
content-encoding: gzip
age: 558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 1ZVZAYKGY3SWTTBF
x-amz-id-2: nzTk1w3xWy+yi+ZDuDOe7W8Q5PU0ydcQFQCLr+e61uvA6TDHChFQdBvOeaPXtPZRJX8fwFs8N5g=
last-modified: Wed, 28 Jul 2021 21:00:35 GMT
server: AmazonS3
etag: W/"35055793212df02195267694a6c31654"
vary: Origin
content-type: application/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
cache-control: public, max-age=600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: gS-O4hShvHB0pJqNCp3humO7ATuIuGc-app55Nul9lKUj1_QJDDcwA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
466 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-105225828-24&cid=220365323.1628901796&jid=1099548145&gjid=476210966&_gid=1487550766.1628901796&_u=aGBAgEAjAAAAAE~&z=408937611

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 14 Aug 2021 00:43:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=245173166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flomarching.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Watch%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=1099548145&gjid=476210966&cid=220365323.1628901796&tid=UA-105225828-24&_gid=1487550766.1628901796&z=844918428

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 10:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52618
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=245173166&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.flomarching.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Watch%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Watch&ea=Viewed%20Watch%20Page&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=220365323.1628901796&tid=UA-105225828-24&_gid=1487550766.1628901796&z=201471048

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 10:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52618
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=245173166&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.flomarching.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Watch%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Watch&ea=Viewed%20Watch%20Home%20Page&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=220365323.1628901796&tid=UA-105225828-24&_gid=1487550766.1628901796&z=1242090511

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 10:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52618
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=245173166&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.flomarching.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Watch%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Watch&ea=Experiment%20Viewed&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=220365323.1628901796&tid=UA-105225828-24&_gid=1487550766.1628901796&z=588454469

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 10:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52618
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=245173166&t=event&ni=0&_s=5&dl=https%3A%2F%2Fwww.flomarching.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Watch%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Watch&ea=Ad%20Viewed&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=220365323.1628901796&tid=UA-105225828-24&_gid=1487550766.1628901796&z=2133698641

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 10:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52618
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=245173166&t=event&ni=0&_s=6&dl=https%3A%2F%2Fwww.flomarching.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Watch%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Watch&ea=Ad%20Viewed&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=220365323.1628901796&tid=UA-105225828-24&_gid=1487550766.1628901796&z=852230307

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 10:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52618
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1619133965;labels=2021%20High%20School%20Sports%20Channel%2C2021%20Performing%20Arts%20Channel%2C2021%20LDA-Compliant%20Channel%2CPremium%20Athlete%20Channel;rf=0;a=p-e8u2ehsCGVQg-;url=http...
pixel.quantserve.com/ 35 B
371 B 13ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1619133965;labels=2021%20High%20School%20Sports%20Channel%2C2021%20Performing%20Arts%20Channel%2C2021%20LDA-Compliant%20Channel%2CPremium%20Athlete%20Channel;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=1;fpa=P0-752184933-1628901796149;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=flomarching.com;je=0;sr=1600x1200x24;dst=1;et=1628901796149;tzo=-120;ogl=locale.en_US%2Ctitle.Marching%20%7C%20News%252C%20Videos%20%26%20Articles%20-%20FloMarching%2Cdescription.Marching%20competitions%252C%20videos%252C%20news%252C%20%26%20articles%252E%20Watch%20%26%20stream%20live%20marching%20ev%2Cimage.https%3A%2F%2Fd6fm3yzmawlcs%252Ecloudfront%252Enet%2FogImages%2FMarching-1920x1080%252Ejpg%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eflomarching%252Ecom

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=2102978401;event=click;labels=Experiment%20Viewed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=...
pixel.quantserve.com/ 35 B
371 B 12ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2102978401;event=click;labels=Experiment%20Viewed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=flomarching.com;je=0;sr=1600x1200x24;dst=1;et=1628901796151;tzo=-120;ogl=locale.en_US%2Ctitle.Marching%20%7C%20News%252C%20Videos%20%26%20Articles%20-%20FloMarching%2Cdescription.Marching%20competitions%252C%20videos%252C%20news%252C%20%26%20articles%252E%20Watch%20%26%20stream%20live%20marching%20ev%2Cimage.https%3A%2F%2Fd6fm3yzmawlcs%252Ecloudfront%252Enet%2FogImages%2FMarching-1920x1080%252Ejpg%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eflomarching%252Ecom

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1496825617;event=click;labels=Ad%20Viewed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00...
pixel.quantserve.com/ 35 B
371 B 13ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1496825617;event=click;labels=Ad%20Viewed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=flomarching.com;je=0;sr=1600x1200x24;dst=1;et=1628901796153;tzo=-120;ogl=locale.en_US%2Ctitle.Marching%20%7C%20News%252C%20Videos%20%26%20Articles%20-%20FloMarching%2Cdescription.Marching%20competitions%252C%20videos%252C%20news%252C%20%26%20articles%252E%20Watch%20%26%20stream%20live%20marching%20ev%2Cimage.https%3A%2F%2Fd6fm3yzmawlcs%252Ecloudfront%252Enet%2FogImages%2FMarching-1920x1080%252Ejpg%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eflomarching%252Ecom

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1585520373;event=click;labels=Ad%20Viewed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00...
pixel.quantserve.com/ 35 B
371 B 12ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1585520373;event=click;labels=Ad%20Viewed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=flomarching.com;je=0;sr=1600x1200x24;dst=1;et=1628901796176;tzo=-120;ogl=locale.en_US%2Ctitle.Marching%20%7C%20News%252C%20Videos%20%26%20Articles%20-%20FloMarching%2Cdescription.Marching%20competitions%252C%20videos%252C%20news%252C%20%26%20articles%252E%20Watch%20%26%20stream%20live%20marching%20ev%2Cimage.https%3A%2F%2Fd6fm3yzmawlcs%252Ecloudfront%252Enet%2FogImages%2FMarching-1920x1080%252Ejpg%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eflomarching%252Ecom

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=634980329980573&ev=PageView&dl=https%3A%2F%2Fwww.flomarching.com%2F&rl=&if=false&ts=1628901796200&sw=1600&sh=1200&v=2.9.44&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1628901796198.1604526980&it=1628901796066&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=634980329980573&ev=Experiment%20Viewed&dl=https%3A%2F%2Fwww.flomarching.com%2F&rl=&if=false&ts=1628901796203&cd[browser]=Chrome&cd[component]=HomeComponent&cd[device]=Desktop&cd[page_category]=Home&cd[site_id]=27&cd[subscriber_portal_id]=27&cd[vertical]=flomarching&cd[experimentId]=flo_13616_watch_on_web_v2c&cd[experimentName]=FLO-13616%3A%20Watch%20On%20Web%20V2c&cd[variationId]=0&cd[forced]=false&cd[experimentSource]=Web%20App&cd[nonInteraction]=1&sw=1600&sh=1200&v=2.9.44&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1628901796198.1604526980&it=1628901796066&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-c7d20e6bc1bac8a2ee2d7b09f3fb60ce&tm=2&rqm=GET

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=634980329980573&ev=Ad%20Viewed&dl=https%3A%2F%2Fwww.flomarching.com%2F&rl=&if=false&ts=1628901796204&cd[browser]=Chrome&cd[component]=HomeComponent&cd[device]=Desktop&cd[page_category]=Home&cd[site_id]=27&cd[subscriber_portal_id]=27&cd[vertical]=flomarching&cd[name]=Ad%20Viewed&cd[directory]=wow%2F728x90_flex_btf&cd[size]=%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1628901796198.1604526980&it=1628901796066&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-05620ff441c361d52c7ee09ed4855fc1&tm=2&rqm=GET

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=634980329980573&ev=Ad%20Viewed&dl=https%3A%2F%2Fwww.flomarching.com%2F&rl=&if=false&ts=1628901796205&cd[browser]=Chrome&cd[component]=HomeComponent&cd[device]=Desktop&cd[page_category]=Home&cd[site_id]=27&cd[subscriber_portal_id]=27&cd[vertical]=flomarching&cd[name]=Ad%20Viewed&cd[directory]=wow%2F728x90_flex_1&cd[size]=%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=seg&ec=3&o=30&fbp=fb.1.1628901796198.1604526980&it=1628901796066&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-1b260f99580f01744b53cb2c807b5a12&tm=2&rqm=GET

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 26ms
25ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-105225828-24&cid=220365323.1628901796&jid=1099548145&_u=aGBAgEAjAAAAAE~&z=2116058099

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
24ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-105225828-24&cid=220365323.1628901796&jid=1099548145&_u=aGBAgEAjAAAAAE~&z=2116058099

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 171ms
170ms XHR
text/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.flomarching.com%2F&pid=89rL4IsDE1MTB&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_btf%22%7D%5D&cfgv=0&pubid=2e897944-3457-4bd4-87d9-700e22317ff4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
via: 1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MRS52-P1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.flomarching.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: FHAbgX0PJGBGXQ7_jHHTsN4GUj8GoIeebd1_76gALgk9MUmgzlzmgA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 169ms
169ms XHR
text/javascript 52.84.44.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.flomarching.com%2F&pid=89rL4IsDE1MTB&cb=1&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_1%22%7D%5D&cfgv=0&pubid=2e897944-3457-4bd4-87d9-700e22317ff4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-44-170.mrs52.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
via: 1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MRS52-P1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.flomarching.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SExU3PuoW67ng7H0B1S7moIQUQpeG8Qm_tg3QnHOXMUSvjSFR7ajaA==

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
12ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-03GX1D5BJ3&gtm=2oe8b0&_p=245173166&sr=1600x1200&ul=en-us&cid=220365323.1628901796&_s=1&dl=https%3A%2F%2Fwww.flomarching.com%2F&dt=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&sid=1628901796&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.Page%20Name=Home&ep.screen_class=Home
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03GX1D5BJ3&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/1030867948/ 2 KB
1 KB 100ms
50ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1030867948/?random=1628901796271&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.flomarching.com%2F&tiba=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

31dc5ab8323d97d4c0afea8a8d1b3d52f3d64e35f70bc7802519f0ee4cc39a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
832 B 43ms
43ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-CLUSTER-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 2

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
518 B 43ms
43ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-WAIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 2

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
484 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 3

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
859 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 4

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
912 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 5

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
502 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 6

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
495 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 7

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
859 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 8

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
912 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 9

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
502 B 42ms
42ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 10

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
460 B 57ms
57ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 12

GET
H2 200 location_blocked.svg Show response
www.flomarching.com/assets/svg/ 663 B
495 B 56ms
56ms XHR
image/svg+xml 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flomarching.com/assets/svg/location_blocked.svg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

:path: /assets/svg/location_blocked.svg
pragma: no-cache
cookie: x-flo-ab=flo_12894_signup_copy_v3-2|flo_12811_ads_on_premium_vods-1|flo_12887_google_social_login_v2-1|flo_12890_testimonials_v2-0|flo_12846_reactivate_button_v3-1|flo_13608_usd_on_bikes-1|flo_13616_watch_on_web_v2c-0|flo_13720_vod_transmit_ads_v2-0|flo_13740_favorites_in_front_of_pay-1|flo_13965_annual_pricing_language-1|flo_13801_athletes_teams_nav-1; ajs_anonymous_id=%224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22; _dlt=1; _gid=GA1.2.1487550766.1628901796; _cb_ls=1; _cb=BWUp8ZDzIc3MDLUybN; _chartbeat2=.1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1; _cb_svref=null; _gat=1; _fbp=fb.1.1628901796198.1604526980; _ga_03GX1D5BJ3=GS1.1.1628901796.1.0.1628901796.0; _ga=GA1.1.220365323.1628901796; __qca=P0-752184933-1628901796149
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.flomarching.com
referer: https://www.flomarching.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
age: 14648
x-flo-geo-latitude: 49.030
x-flo-backend-name: 2hYDS6BV39I6TWCBaiN8An--F_gcs_assets
x-flo-geo-gmt-offset: 300
x-flo-geo-conn-speed: broadband
x-flo-info-state: HIT-cache-hhn4053-HHN
access-control-max-age: 86400
x-flo-geo-longitude: 38.360
x-cache: HIT, HIT
strict-transport-security: max-age=900
content-length: 405
x-flo-geo-postal-code: 93000
x-flo-geo-country-code: UA
expires: Tue, 18 Jan 2022 09:13:24 GMT
last-modified: Wed, 21 Jul 2021 21:35:37 GMT
etag: "c2ee2b95f57a16c03748f642d273a4e2"
x-served-by: cache-mdw17373-MDW, cache-hhn4053-HHN
vary: Accept-Encoding,Origin
access-control-allow-methods: GET,HEAD,OPTIONS,PATCH,PUT,POST,DELETE
x-flo-ff-server-identity: cache-mdw17344-MDW
access-control-expose-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Last-Modified,Pragma,x-flo-flags,x-flo-flags-all
cache-control: max-age=0, s-maxage=15552000
access-control-allow-credentials: true
x-cache-tags: (null),All-Content
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: Range,Expires,Etag,Cache-Control,Content-Length,Content-Type,Content-Range,Authorization,DNT,X-301-Location,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,x-flo-flags,x-flo-flags-all
x-flo-info-state-shield: HIT-CLUSTER-cache-mdw17373-MDW
x-cache-hits: 1, 12

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/1030867948/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
https://www.google.com/pagead/1p-conversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u...
https://www.google.de/pagead/1p-conversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_...

42 B
64 B

20ms
20ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.flomarching.com%2F&tiba=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pBEXYeGQFcaN7_UPm6eWgAg&cid=CAQSKQCNIrLM1mFo3TMnVVm-GlyjggTU6XwP-u5_itNd9O1RxrXNKaeHhGzw&random=3197743848&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCz5oE_7RAntUviigcNhiH8m9x7ic99q10wUsrXsGSZe7gzwRe5YYYFsnYqmUE8DRcVBXnihEy8sxPElcqkGuhz

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1030867948/?random=2142453225&cv=9&fst=1628901796271&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.flomarching.com%2F&tiba=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=pBEXYeGQFcaN7_UPm6eWgAg&cid=CAQSKQCNIrLM1mFo3TMnVVm-GlyjggTU6XwP-u5_itNd9O1RxrXNKaeHhGzw&random=3197743848&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCz5oE_7RAntUviigcNhiH8m9x7ic99q10wUsrXsGSZe7gzwRe5YYYFsnYqmUE8DRcVBXnihEy8sxPElcqkGuhz
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 65ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.flomarching.com%2F&domain=www.flomarching.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.flomarching.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.flomarching.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1392
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.flomarching.com%2F&domain=www.flomarching.com&cw=1
https://mug.criteo.com/sid?cpp=vzgclHw2NmxaU3lTQlprSXEzajJ4SFFVbVVRV2IwWG5JVU4zS0llM3BWa2ZUVHlKWk9HbVVtaVh2bDRxTjR4S2NudDN1QVgyQUU0WTI3UXloN0k3MlNvd0ZGdEtQMm5SZmZUeEM5ZTR6S0pKdTlLbE5UcUVES1lCMjVLNF...

350 B
609 B

1425ms
59ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vzgclHw2NmxaU3lTQlprSXEzajJ4SFFVbVVRV2IwWG5JVU4zS0llM3BWa2ZUVHlKWk9HbVVtaVh2bDRxTjR4S2NudDN1QVgyQUU0WTI3UXloN0k3MlNvd0ZGdEtQMm5SZmZUeEM5ZTR6S0pKdTlLbE5UcUVES1lCMjVLNFZVdFc2ZzA4d2NHMk1HUkZycUFXS3M5V3plTW1lN0hoRFM1bjVkcWZnUU5SVFluUDY3ay93OXlORzRhbmowQ3ZHTXlOSDhIOFJyVzVNRTMvTzh2Qk1JbVh0VFhYNjN0ZDFOdmlSazQzZEtuYUd5OFAzNHRFPXw&cppv=2

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f0baed7b640416225f22ce166314bc89ec44cda300fa1d3626dffed70edde7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 14 Aug 2021 00:43:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2079
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 14 Aug 2021 00:43:15 GMT
location: https://mug.criteo.com/sid?cpp=vzgclHw2NmxaU3lTQlprSXEzajJ4SFFVbVVRV2IwWG5JVU4zS0llM3BWa2ZUVHlKWk9HbVVtaVh2bDRxTjR4S2NudDN1QVgyQUU0WTI3UXloN0k3MlNvd0ZGdEtQMm5SZmZUeEM5ZTR6S0pKdTlLbE5UcUVES1lCMjVLNFZVdFc2ZzA4d2NHMk1HUkZycUFXS3M5V3plTW1lN0hoRFM1bjVkcWZnUU5SVFluUDY3ay93OXlORzRhbmowQ3ZHTXlOSDhIOFJyVzVNRTMvTzh2Qk1JbVh0VFhYNjN0ZDFOdmlSazQzZEtuYUd5OFAzNHRFPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1672
content-length: 482
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 240ms
142ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
116 B 171ms
58ms XHR
text/plain 3.126.220.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.220.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-220-154.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
496 B 233ms
111ms XHR
application/json 35.156.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.flomarching.com%2F&tmax=950

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.78.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-78-196.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
x-auction-status: 12
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
479 B 263ms
140ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969cba017979d2da7ad3b241580050&pos=8a9691de017979d2df2bd3bf001c0087&cmd=bid&eidquantcast.com=P0-752184933-1628901796149&secure=1
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 5ec901495f68ec38ecf49ec132c8ffaeed049bc7865691a539ebd01f074dfa94

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 14 Aug 2021 00:43:16 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.flomarching.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 200 / Show response
ow.pubmatic.com/openrtb/2.5/ 631 B
407 B 207ms
86ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/openrtb/2.5/
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e522aef7f4a48d6be72e5cd47ace8dfa736df9728c1c4c1af30cf57d869b9df6

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 284
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
856 B 48ms
48ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:16 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 37141fc6-37a6-469e-8d03-714fe638515b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.flomarching.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
375 B 135ms
49ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=674503&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213e3582dcb8d6e1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.flomarching.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22quantcastId%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22143e20b07768edf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22674503%22%2C%22dfp_ad_unit_code%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_btf%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221547bbe73586287%22%2C%22ext%22%3A%7B%22siteID%22%3A%22674503%22%2C%22dfp_ad_unit_code%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_btf%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216726b9217e1f31%22%2C%22ext%22%3A%7B%22siteID%22%3A%22674503%22%2C%22dfp_ad_unit_code%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_btf%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5752a3425159ff555cb77ed0b34e5727ccf227b3e7f6dc3c4d01d21eb9a158ed

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.99], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.flomarching.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 09
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 388 B
2 KB 193ms
51ms XHR
application/json 213.19.162.61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10268&site_id=373064&zone_id=2040964&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=650ec091-9d4b-442d-8ce4-c6cd73a7ac1d%5E1&eid_quantcast.com=P0-752184933-1628901796149%5E1&rf=https%3A%2F%2Fwww.flomarching.com%2F&tg_i.dfp_ad_unit_code=43625987%2Fflomarching.3%2Fwow%2F728x90_flex_btf&tg_i.pbadslot=43625987%2Fflomarching.3%2Fwow%2F728x90_flex_btf&tk_flint=pbjs_lite_v4.43.0&x_source.tid=269ac769-cfa0-48f9-8726-5e9c4dab86e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8606314290877513
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b2482d7fb3fbb58fa8c029b7237aaacde13628966abbcc74a76a565da23eec40

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:16 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.flomarching.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 388
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
375 B 110ms
49ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=674503&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221911b7985ee761a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.flomarching.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22quantcastId%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22203ea7d92e6c1d4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22674503%22%2C%22dfp_ad_unit_code%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_1%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22211d722e64c4f12%22%2C%22ext%22%3A%7B%22siteID%22%3A%22674503%22%2C%22dfp_ad_unit_code%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_1%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22226d3abc9ddeb47%22%2C%22ext%22%3A%7B%22siteID%22%3A%22674503%22%2C%22dfp_ad_unit_code%22%3A%22%2F43625987%2Fflomarching.3%2Fwow%2F728x90_flex_1%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8142b23b08d6b668705c31424ce4f71db119128a5b56d29a985cccedf675f66e

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.99], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.flomarching.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 09
expires: Sat, 14 Aug 2021 00:43:16 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
856 B 91ms
70ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:16 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a1a3be94-3228-411c-a1e1-65a2e168ff9e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.flomarching.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 384 B
2 KB 220ms
51ms XHR
application/json 213.19.162.61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10268&site_id=373064&zone_id=2040964&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=650ec091-9d4b-442d-8ce4-c6cd73a7ac1d%5E1&eid_quantcast.com=P0-752184933-1628901796149%5E1&rf=https%3A%2F%2Fwww.flomarching.com%2F&tg_i.dfp_ad_unit_code=43625987%2Fflomarching.3%2Fwow%2F728x90_flex_1&tg_i.pbadslot=43625987%2Fflomarching.3%2Fwow%2F728x90_flex_1&tk_flint=pbjs_lite_v4.43.0&x_source.tid=bb8f44d4-a49d-4da4-8495-1570d73d90ae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2098233823461353
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 66e15eee954519921a7153ab235ea09cd92cac7f8beae4eedb1ec4eb26df3458

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:16 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.flomarching.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 384
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
117 B 136ms
57ms XHR
text/plain 3.126.220.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.220.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-220-154.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
479 B 430ms
199ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969cba017979d2da7ad3b241580050&pos=8a9691de017979d2df2bd3bf001c0087&cmd=bid&eidquantcast.com=P0-752184933-1628901796149&secure=1
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: c04789a4fbbb25f63ccd19d28273ff5530c60a3e46fb6d78f45dff3459a1ad53

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 14 Aug 2021 00:43:16 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.flomarching.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 294ms
233ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:14 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 / Show response
ow.pubmatic.com/openrtb/2.5/ 632 B
367 B 250ms
163ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/openrtb/2.5/
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 10eb0d993f73e9302344725ed4e59deba677c020bc510edad479d057e6f1d05d

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 286
content-type: application/json

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
496 B 149ms
63ms XHR
application/json 35.156.78.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.flomarching.com%2F&tmax=950

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.78.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-78-196.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
x-auction-status: 12
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 160ms
53ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 763
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
vary: Accept-Encoding

POST
H2 200 / Show response
ow.pubmatic.com/cookie_sync/ 2 KB
2 KB 51ms
51ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1385a1b4e302c35b69c4264a59cfb51244eff272631291e996feb2a7d956f25f

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 82 B
309 B 129ms
129ms Stylesheet
text/css 52.202.228.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.228.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-228-151.compute-1.amazonaws.com
Software: /
Resource Hash: 1392069733eb4c6d6df8d79771ff6a86d03d5b21ae55296054c370e744864802

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Aug 2021 00:43:16 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 82
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 551ms
147ms Fetch
image/jpeg 52.202.228.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.228.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-228-151.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Aug 2021 00:43:17 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=634980329980573&ev=Microdata&dl=https%3A%2F%2Fwww.flomarching.com%2F&rl=&if=false&ts=1628901796702&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching%22%2C%22meta%3Adescription%22%3A%22Marching%20competitions%2C%20videos%2C%20news%2C%20%26%20articles.%20Watch%20%26%20stream%20live%20marching%20events%20on%20FloMarching.com.%20High%20school%20%26%20professional%20marching%20band%20coverage.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atitle%22%3A%22Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching%22%2C%22og%3Adescription%22%3A%22Marching%20competitions%2C%20videos%2C%20news%2C%20%26%20articles.%20Watch%20%26%20stream%20live%20marching%20events%20on%20FloMarching.com.%20High%20school%20%26%20professional%20marching%20band%20coverage.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd6fm3yzmawlcs.cloudfront.net%2FogImages%2FMarching-1920x1080.jpg%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.flomarching.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&a=seg&ec=4&o=30&fbp=fb.1.1628901796198.1604526980&it=1628901796066&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 14 Aug 2021 00:43:16 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7C13 2 KB
1 KB 191ms
63ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.flomarching.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sat, 14 Aug 2021 00:43:16 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3633 52 KB
17 KB 509ms
81ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.flomarching.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=3159346312987195551
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 15 Aug 2021 00:43:19 GMT
Date: Sat, 14 Aug 2021 00:43:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame EF47 2 KB
1 KB 253ms
63ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.flomarching.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sat, 14 Aug 2021 00:43:16 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8130 281 B
554 B 3160ms
46ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.flomarching.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0nZRUZWfOgh1poCfUm/pXMGaZ9WE5/rIRx3CvDzGDmXGQhinMyiRFxj1oVYGhl0PykR7JZeOex0hvG2vYKQxffShJKG3Nw==; ses2=; vis2=373064^1; khaos=KSB22M9O-23-KUSN; audit=1|naVuGyos1qq+bgT6uiJM5Jqpp78UDnSwKhjxf09oswcR7OB5rEhhEa9R9rS+z1HuFVvvrO0Vl4fggJ3pD4CYmyXv4D0lv28c0A+VO7RH1E0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Aug 2021 00:43:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2D93 1 KB
1 KB 1142ms
45ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 91eb2998154e2d85718ebf126a15dd2bc043c29f1b9af4192e9ed600bab9046b

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=12851295919676944657
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-type: text/html; charset=utf-8
content-length: 479
set-cookie: sync=CgoIgQIQxt_zkLQvCgoIkQIQxt_zkLQvCgoI4gEQxt_zkLQvCgoIkgIQxt_zkLQvCgoI5gEQxt_zkLQvCgoIhwIQxt_zkLQvCgkIOhDG3_OQtC8KCQgLEMbf85C0LwoJCF8Qxt_zkLQvCgkIHxDG3_OQtC8=; Max-Age=7776000; Expires=Fri, 12 Nov 2021 00:43:17 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12851295919676944657; Max-Age=7776000; Expires=Fri, 12 Nov 2021 00:43:17 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C076 14 KB
5 KB 64ms
64ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?kdntuid=1&p=160547
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=CC7C6877-2A73-4B10-A400-04B134E1BA52
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=44009
expires: Sat, 14 Aug 2021 12:56:45 GMT
date: Sat, 14 Aug 2021 00:43:16 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D660 52 KB
17 KB 597ms
75ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.flomarching.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=3159346312987195551
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 15 Aug 2021 00:43:19 GMT
Date: Sat, 14 Aug 2021 00:43:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 295C 1 KB
1 KB 1139ms
45ms Document
text/html 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 91eb2998154e2d85718ebf126a15dd2bc043c29f1b9af4192e9ed600bab9046b

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=12851295919676944657
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-type: text/html; charset=utf-8
content-length: 479
set-cookie: sync=CgoIgQIQxd_zkLQvCgoIkQIQxd_zkLQvCgoI4gEQxd_zkLQvCgoIkgIQxd_zkLQvCgoI5gEQxd_zkLQvCgoIhwIQxd_zkLQvCgkIOhDF3_OQtC8KCQgLEMXf85C0LwoJCF8Qxd_zkLQvCgkIHxDF3_OQtC8=; Max-Age=7776000; Expires=Fri, 12 Nov 2021 00:43:17 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12851295919676944657; Max-Age=7776000; Expires=Fri, 12 Nov 2021 00:43:17 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 prbds2s Show response
rtb.gumgum.com/usync/ Frame D63A 4 KB
2 KB 1185ms
61ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c7d3fd3b472734275f5326d71a9bd9f92132a99526af56642ca920c9ad981562

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc; Domain=.gumgum.com; Expires=Sun, 14-Aug-2022 00:43:17 GMT; Path=/; Secure; SameSite=None
etag: W/"060e0394919b2b917016b57f2d0fa14dd"
timing-allow-origin: *
content-encoding: gzip

GET
H2

200

verify
pbs.publishers.tremorhub.com/pubsync/
Redirect Chain

https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtelaria%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Btvid%5D
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtelaria%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Btvid%5D

43 B
182 B

94ms
94ms

Image
image/gif

2600:1f18:612b:4200:3aa:8894:1069:c551
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtelaria%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Btvid%5D
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:3aa:8894:1069:c551 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dtelaria%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Btvid%5D
date: Sat, 14 Aug 2021 00:43:16 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

setuid
ow.pubmatic.com/
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ow.pubmatic.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=f20fb7cd-ab6d-4269-80d0-bf84c44caad4

0
461 B

51ms
51ms

Image
text/plain

185.64.189.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=f20fb7cd-ab6d-4269-80d0-bf84c44caad4
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:24 GMT
content-length: 0

Redirect headers

location: https://ow.pubmatic.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=f20fb7cd-ab6d-4269-80d0-bf84c44caad4
date: Sat, 14 Aug 2021 00:43:24 GMT
content-length: 0

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ 0
104 B 110ms
64ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.flomarching.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flomarching.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 356ms
356ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=941306300643587&correlator=1226662952965774&output=ldjh&impl=fif&eid=31062142%2C31062147%2C31062246%2C31062272%2C31062276%2C20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210814&iu_parts=43625987%2Cflomarching.3%2Cwow%2C728x90_flex_btf&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2%26ad_position%3D0.3333333333333333%26experiment%3Dwatch_v2_control&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628901796&dt=1628901796739&dlt=1628901795311&idt=915&frm=20&biw=1600&bih=1200&oid=3&adxs=437&adys=790&adks=4106546090&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.flomarching.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=220365323.1628901796&ga_sid=1628901797&ga_hid=245173166&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

df60f2af3195129f46caa850374e3d6095424a40f529811ebba7cfeabb7bd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7108
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B01F 6 KB
3 KB 48ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 14 Aug 2021 00:43:16 GMT
expires: Sun, 14 Aug 2022 00:43:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
ow.pubmatic.com/cookie_sync/ 2 KB
2 KB 52ms
51ms XHR
application/json 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1385a1b4e302c35b69c4264a59cfb51244eff272631291e996feb2a7d956f25f

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:16 GMT
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C076 2 KB
3 KB 60ms
60ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81636960&p=160547&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0ed8aa0254183d470b8cdb2af9390b8a3c665c2df20781c751ee0e4035c36168

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:15 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 4970 35 B
467 B 45ms
45ms Document
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=CC7C6877-2A73-4B10-A400-04B134E1BA52

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=CC7C6877-2A73-4B10-A400-04B134E1BA52
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=5113922427259333072
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 14 Aug 2021 00:43:16 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=5113922427259333072; expires=Wed, 13 Oct 2021 00:43:16 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 75C1 35 B
134 B 158ms
51ms Document
image/gif 213.155.156.168
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.168 Uppsala, Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS: 213-155-156-168.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 451D 43 B
338 B 434ms
61ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sat, 14 Aug 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1793
date: Sat, 14 Aug 2021 00:43:16 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C076
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zHxodypzSxCkAASxNOG6Ug%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

64ms
64ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=44004
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 14 Aug 2021 12:56:45 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C076
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=aa816117-11a5-4200-82a0-e8a7a151ef16

0
260 B

152ms
49ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=aa816117-11a5-4200-82a0-e8a7a151ef16
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 14 Aug 2021 00:45:33 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=aa816117-11a5-4200-82a0-e8a7a151ef16
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 14 Aug 2021 00:45:32 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame C076
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=CC7C6877-2A73-4B10-A400-04B134E1BA52
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=12a0fe6dfd125e94053a5f5041fe2a5
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=b35d41fb-cdbb-462e-bed1-2d379e31cbab&icm
https://spl.zeotap.com/?zdid=1332&zcluid=4c4bc5e88a45b1c9
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ab152c93-1eb8-474e-4dd6-3876e3c50f91&reqId=8e0dc1eb-b0d2-494e-657e-c854cc01cfc7&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEE21YqvblIEjBlCO5ywSPLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ab152c93-1eb8-474e-4dd6-3876e3c50f91&reqId=8e0dc1eb-b0d2-494e-657e-c85...

95 B
187 B

24ms
21ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEE21YqvblIEjBlCO5ywSPLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ab152c93-1eb8-474e-4dd6-3876e3c50f91&reqId=8e0dc1eb-b0d2-494e-657e-c854cc01cfc7&zcluid=4c4bc5e88a45b1c9&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 67e62603e9c51772-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEE21YqvblIEjBlCO5ywSPLM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ab152c93-1eb8-474e-4dd6-3876e3c50f91&reqId=8e0dc1eb-b0d2-494e-657e-c854cc01cfc7&zcluid=4c4bc5e88a45b1c9&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C076
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0M3QzY4NzctMkE3My00QjEwLUE0MDAtMDRCMTM0RTFCQTUy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
186 B

52ms
51ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:21 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:396
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C076
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC9fyT-FYmboZaKglTPX0wo&google_cver=1

42 B
438 B

52ms
51ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC9fyT-FYmboZaKglTPX0wo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:19 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:418
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC9fyT-FYmboZaKglTPX0wo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C076 43 B
611 B 7275ms
81ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 13 Aug 2021 00:43:24 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C076
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5113922427259333072

42 B
233 B

309ms
69ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5113922427259333072
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:404
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5113922427259333072
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C076
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8bda6117-11a5-4100-9c32-67585b21793c&gdpr=0&gdpr_consent=

42 B
339 B

64ms
63ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8bda6117-11a5-4100-9c32-67585b21793c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:302
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 14 Aug 2021 00:45:33 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8bda6117-11a5-4100-9c32-67585b21793c&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 14 Aug 2021 00:45:32 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C076
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b35d41fb-cdbb-462e-bed1-2d379e31cbab

42 B
603 B

227ms
69ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b35d41fb-cdbb-462e-bed1-2d379e31cbab
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:414
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b35d41fb-cdbb-462e-bed1-2d379e31cbab
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C076
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3159346312987195551&gdpr=0&gdpr_consent=

42 B
520 B

406ms
52ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3159346312987195551&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:422
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:16 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 71c7181f-299c-449a-ae44-e68ee2a4faeb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3159346312987195551&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 CC7C6877-2A73-4B10-A400-04B134E1BA52
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C076 43 B
923 B 103ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/CC7C6877-2A73-4B10-A400-04B134E1BA52?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 6D73 2 KB
3 KB 73ms
73ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2ccd8fcc4e2192f8357210525c1ebcc55343bc710c87e7dc5c198e540b4d3203

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YRcRo0fgEjsXzRMc5XLtngAA; CMPS=1155; CMPRO=1105; CMST=YRcRo2EXEaMA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|241|230|191|47|3|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1881
Expires: Sat, 14 Aug 2021 00:43:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:16 GMT
Connection: keep-alive
Set-Cookie: CMID=YRcRo0fgEjsXzRMc5XLtngAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 14 Aug 2022 00:43:16 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 12 Nov 2021 00:43:16 GMT CMPRO=1105;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 12 Nov 2021 00:43:16 GMT CMST=YRcRo2EXEaQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 Aug 2021 00:43:16 GMT CMRUM3=bf611711a405a0&03611711a405a0&28611711a405a00&27611711a40b40&2f611711a405a0&f1611711a405a0&2d611711a405a0&e6611711a42760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 14 Aug 2022 00:43:16 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
122 B 29ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.flomarching.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.flomarching.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 427ms
426ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=941306300643587&correlator=1226662952965774&output=ldjh&impl=fif&eid=31062142%2C31062147%2C31062246%2C31062272%2C31062276%2C20211866%2C31062297&vrg=2021081001&ptt=17&sc=1&sfv=1-0-38&ecs=20210814&iu_parts=43625987%2Cflomarching.3%2Cwow%2C728x90_flex_1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90&prev_scp=amznbid%3D2%26amznp%3D2%26experiment%3Dwatch_v2_control&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628901796&dt=1628901796918&dlt=1628901795311&idt=915&frm=20&biw=1600&bih=1200&oid=3&adxs=437&adys=84&adks=3163323242&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.flomarching.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=220365323.1628901796&ga_sid=1628901797&ga_hid=245173166&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ffcedaf21dc62b75ab720ed6ddef08aa642408c244f3c34759549115e8cffa4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10794
x-xss-protection: 0
google-lineitem-id: 5376321350
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138311985612
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 450D 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 14 Aug 2021 00:43:16 GMT
expires: Sun, 14 Aug 2022 00:43:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:17 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 2D7B 2 KB
3 KB 75ms
73ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4121372dac2d72f2debea8d91e375c525cb66249dd1812aa1f67ddf999c17c05

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YRcRo0fgEjsXzRMc5XLtngAA; CMPS=1155; CMPRO=1105; CMST=YRcRo2EXEaQA; CMRUM3=bf611711a405a0&03611711a405a0&28611711a405a00&27611711a40b40&2f611711a405a0&f1611711a405a0&2d611711a405a0&e6611711a42760
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|73|4|206|8|45|51|190
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1560
Expires: Sat, 14 Aug 2021 00:43:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Connection: keep-alive
Set-Cookie: CMID=YRcRo0fgEjsXzRMc5XLtngAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 14 Aug 2022 00:43:17 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 12 Nov 2021 00:43:17 GMT CMPRO=1105;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 12 Nov 2021 00:43:17 GMT CMRUM3=08611711a505a00&ce611711a505a0&e6611711a42760&2f611711a405a0&33611711a505a0&be611711a505a0&2e611711a505a0&f1611711a405a0&2d611711a505a0&49611711a505a0&28611711a405a00&27611711a40b40&04611711a505a0&bf611711a405a0&03611711a405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 14 Aug 2022 00:43:17 GMT CMST=YRcRo2EXEaUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 15 Aug 2021 00:43:17 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6D73
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRcRo0fgEjsXzRMc5XLtngAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1

43 B
1 KB

86ms
86ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:21 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6D73 70 B
264 B 66ms
64ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YRcRo0fgEjsXzRMc5XLtngAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6D73
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB&dcc=t

43 B
645 B

142ms
142ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 510SB4Q93BES2C7T4EKT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9C4WF5MFTNVSCT5ESFKT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 6D73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEClIYg9pMJHIAgiiJ7GTnzE&google_cver=1

43 B
315 B

93ms
92ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEClIYg9pMJHIAgiiJ7GTnzE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:21 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEClIYg9pMJHIAgiiJ7GTnzE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 6D73 43 B
253 B 7566ms
178ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.21.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:24 GMT
via: 1.1 google
last-modified: Sat, 14 Aug 2021 00:43:24 GMT
server: nginx/1.21.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Sat, 14 Aug 2021 00:43:25 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6D73
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lSlqFtNj1MeHLK5&gdpr=1

43 B
1 KB

577ms
576ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lSlqFtNj1MeHLK5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:24 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:23 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-08f8fc1eb6758b8c0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=lSlqFtNj1MeHLK5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6D73
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=1&gdpr_consent=

43 B
1 KB

370ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:17 GMT

Redirect headers

Date: Sat, 14 Aug 2021 00:45:33 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 14 Aug 2021 00:45:32 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6D73 43 B
425 B 66ms
64ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YRcRo0fgEjsXzRMc5XLtngAA%261105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 00:43:17 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2314
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 01:21:51 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 89D4
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

134ms
134ms

Document
text/html

18.233.75.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.75.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-75-25.compute-1.amazonaws.com
Software: /
Resource Hash: a900d6393129a670d397bbaa2a15ec0cbfda01b22d9bacb4ce2d1f4bf6c77ca2

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=3d274556-8be1-465a-a6f9-5475012866c8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Sat, 14 Aug 2021 00:43:24 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Sat, 14 Aug 2021 00:43:24 GMT
pragma: no-cache

Redirect headers

date: Sat, 14 Aug 2021 00:43:24 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=3d274556-8be1-465a-a6f9-5475012866c8; Path=/; Domain=eqads.com; Expires=Sun, 14 Nov 2021 00:43:24 GMT; Secure; SameSite=None

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
446 B 130ms
129ms XHR
text/plain 52.202.228.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=ajbLiasE6AJqVblU_xKC6Q&is_js=true&landing_url=https%3A%2F%2Fwww.flomarching.com%2F&t=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&host=https://www.flomarching.com
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.228.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-228-151.compute-1.amazonaws.com
Software: /
Resource Hash: 89333ea77c09ad38607e6ea817a20f0cd3eed25e6f992a2c710c7514084656db

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 00:43:17 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.flomarching.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 138

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FA71 0
16 B 17ms
16ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNzg5AEQ9ePxARia6NyvATAB&v=APEucNXDUKkmrJEVjY01_ih8XyV0WQvw_FSRyAl9QHHGflCtga7bxavcFIUv74aEBeymku5mIWoU5_yaYo7zpeXjbW18_cgqSw

Requested by

Host: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
URL: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNzg5AEQ9ePxARia6NyvATAB&v=APEucNXDUKkmrJEVjY01_ih8XyV0WQvw_FSRyAl9QHHGflCtga7bxavcFIUv74aEBeymku5mIWoU5_yaYo7zpeXjbW18_cgqSw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkAw7YJ52ZHKI0J8mWXlmlsy3DpJkIVQkYkWkgVxP0WkUTDnhBoD0U9NpmJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 14 Aug 2021 00:43:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 450D 45 KB
22 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5_IumvdeX-NVEYqCCQuBCzaHXMPZFadlMYOzDeyvxuhAmgvN8In3UNn4QyjPNku9AVhiNVbyU_Kd5W30Ugbf1waqehSfm7tsf0hASdb8BNrE_5L4qrDt2j5rhWfBfe_Zo0R-dj_ZFwDOt2pZuZk7nuVOXtQ&dbm_d=AKAmf-Dkort2gFshAEfHPoqGgUXvSMmBHLJc2FtUdV2eeiS-etIavDCbD_DJOsMuglQyvYwEs-CJlO6XTFtm-hLO0Sxv0eYvgqPKuQTnnhnVpRVPqzE75esLXqndcJOsjOX3jMlJ01B8wM9mNhOuuKqvm0Gzbo5dsdarUZ0Qcq-j7nWI3Lirz8k2A3vMjuFkLPuICiqOkMWCkMPMbYD9rxgJ9LBTkcfySuU-ThoWOGs8kRLG3JdtmozCTpZYM4KAcRNdiYeJTRp_BQrd-APNK79sRBgPvMeP4dZvQh_Mbbz5DqUgKB3TUZSpamogky_uqQDUQS6JdY7Dz-BlE6R4WRl2and3RJzqyG7i-rwiq8T9EoO-y5dVFj0REl1_OIgmFhljgw4TFYcPAXYZSVkJlaVuzP45YD123miSKyf4LRmOWnpikviDZGw4dINX82MZ2zZg55b7kUTNK2VAhKJGpDqLjZqESh40VYjaCGOZ9opb5HXSeDUzlsRxheIs1qd3esaBCiW1V8erKYvYg1Do8WdRoiFnxgvYUOLjKbpClWUOpLZFracYVGSrCUHYpLjV66RtV5zAdzWQ7uD3WbKZ66Snlz0H_O6JhImxGuKbgTniPkiec7Lx_L9KM2vU9azLxW6oOoTtEwZ7EOKWyQsaWkZ53GudiokEx_xhejl0JBPDT8axcxmmfpTYeyvwDdgKUEHo5apDS0yBnETAvcX3euVlkyRIP84PTsv_D0YdA8rbJDJ1Su3dxkuFwGAzZKY1uV6qllN7LcVKUhh-3juy79MRWs-gHHCyWtKS92tLUsA1ZYc7XxNznzItJCopoyMg3tk6w0OrAOeQ8bYuj7fYa07s56CQ0aCRAKN5yDgo7Z5-wKcV5821qSPFsyWps4x405rtM2fjwMWrcgGVWcRAmR9375g2s5FloMJps44ynyOMSit_9jeNDwRHY5GGMcqbfBhy6Mic24N4hOt3V3xntkePw4E9acrDtFLXCwrqtYyEgGfbN7weCWc0_b_lnAGkvKBtDcuOyJ9fLrwR2zMLXAVd0MvNQTrciQQ0ugWgvnvzmRV1TmGqR15ylQ2BG5trBl98QIlpLdbvMTafWpJ_-zcASvl9r1J6YwkgSj-r9poF8T5Pe-z654g7fkDI46XaSsHvE7GIKflKmWPYeYmkXMbiAWHBSl7lXFC5jhsG_zm4lhCa1_c-m1GaIH1W3ZRHs3r5EvFYZP-QrDSBmFH9WAGVBX-Y0xAv_c3URncTqnLKcmzFRPSKulbPXqg_YRfnscxzxw6N8cl8ANh6VjU5V8HC0_-2FgCpLTrt_WGAwL5cJzmWhczHZwE60UoC6f4Nv0XcUq37IMS7yGmOgACjdmH6ZhlmUYIe5A2iR7ALHXnUj08cF_ix0rFacJAO6h71TqEOuLQD6-5j5j1FPlbZyawg0UtiUyyq7eeV__flPHsPYePKtOyjH92Y4_RWWu4l9VDNqC2jeQ8r7bDoJ1tHuxGBWuf9A4zqwm4Gt1yNk9IDhX6S6SGc0ifLfzHPFNCOn-ZL-dt--oxv1nshFeDP2bAZpBTN_9qbQSYMPSuYler0xt__K4PLph9iPMUtysFMl3GhJ7565BmMEnTQRHFbiXkUhTH0qESOz9mEUsy7IcOQyssifd5y98jD7tNAUj4LcQmmxlfQ7agPBnOqCHjz7yEGU2ffUEUgjXuDmHEbKVK0-hF5vIPI-c0JnIMxw7fCxV3PDfJt3xB4EgyeORduYgPQ3W7EDCxQFpLi-HfWl0dDeME60qnkjlTd4vMYRmsKfflkUjDgPCcTef1IztZ9P5ZRfLx9CNVNlZ0JqzkVse7PKoOL0Y4Fh1aVfU9U2jNE5qf7TwRiE3fVSHUUChoCZqBiIgDAV7aytka_9-gkfV24WSe9fxcQkfebafVsc4haOMVB537zYtsA0RuSjsSYa6IyjlHrtLJV81gT3RFkZJzZJqOv18kDgY8WrljBbB-m6kVq__EPAf9rUlmbhH73w4l0WHFFiLegajTZWdHd534i7Bhi3M7Jlc5SEn6slD38SZiRMBtAmn_l839fmvJCgeWM3jIJfhRI5WY1IIadighHx16i-0uc1iBoyXEU-tdHG5h_fuWXVIQFLZsZtzzL5JWMvFWda4NNQlZXwMmHG3t2nSC3_ppXOerOiUqkguHTqY9xBqfAkc9MC7V5sZ30tj8FAwAxT4DmLBhdjP1qffootysiXkfOxW0gBSO2iI7_PrySxZ57Guk_HPkJDneZK62pFt4IcB-p9OAZwjmsqjdJNVDme4O7gcqxrp7Dk0M1h2aeyzDSIYtsd8IPxDZZjVCqVFU6jOF1Z7QuoqiEK6CmAF0W3s9g6WMNTwebFX-nI5iOnyb_Q9RIaHoadIJ_6lDdJENjVhUjqNnIdhR9mhIChb0_W8as8SwFkkUoR9q3W2yn8KQDDz3eimT_hSZHVByezmpHri6-gNhNtYT2VqcKNjVFCacJkjoUhZdbxMItraWDli5kfRhYJEd2wB_g7B-mCaTHEef-9scgZ2ugQ0xEWLBSoboFLEhaav0Fx3eAeCB2E78GRz5jK_MI3D7ez5JgG5WvYWvlptV5h5OH1uhhJuakZXerUVXNEsRxuKryhx8hyTe8OHGCVmF7t45JQKu4br2ADcLZtFpUqhuuDzgdGUOLHxcchm8Mqi_RwXNoAvQ73Ui69HDRZuU0_bG0sQIboX3SvVzcqAzPihKmhov8-dnx1BSGYJ7zaqj08KaRcGlHBYfh9C-xXuJc-Vk6GeXJAVhw57J0IuBk1flVtBwuHf45n1YzqnAcBd7SakjtCBQmKldA7Jjx8_CRxL66CzRzHzkp4sj42LSJzkSvkpz2HjFRRR1eHL-aBohlBSD8DyEntiBuS6FmMbpbGTUS5hPBxoc5xZ0CD5WXskEXDYDEflKL_xwrjAzFWTxmYG1p4RM58nXpdf9YI_C3e6aL57ZBfCuqLiMLMFc-FHtY3ejM7Wgrat0bL1A&cid=CAASPeRovPoSj-iiLwodzHjmp9Ko4bGJMl_Py6tgq1KF5_VMTpeTunTYG1dRc1MzuIiwGTlEin7V9VTre1iTnl0&rfl=1%2Chttps%253A%252F%252Fwww.flomarching.com%252F%240

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee8a7b1f8ee4f795df728f703b21ba03148b32a44c724348205926adb1c720e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22432
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 450D 42 B
251 B 84ms
79ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANby4TxnUs4b1Lu2ViLOJrZKST8LiNBLomteWA7NE5fTNwYq6QcfxKQlxxHHj8qFdy1skOOqi--wF2PvmjZJ8n6_ixjpHCeGZLh8Ivztnp-VK17nw

Requested by

Host: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
URL: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 450D 2 KB
1 KB 47ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
URL: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 00:38:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 450D 124 KB
37 KB 51ms
18ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
URL: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 450D 14 KB
7 KB 46ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
URL: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 00:41:50 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame 450D 24 KB
9 KB 48ms
47ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D5_IumvdeX-NVEYqCCQuBCzaHXMPZFadlMYOzDeyvxuhAmgvN8In3UNn4QyjPNku9AVhiNVbyU_Kd5W30Ugbf1waqehSfm7tsf0hASdb8BNrE_5L4qrDt2j5rhWfBfe_Zo0R-dj_ZFwDOt2pZuZk7nuVOXtQ&dbm_d=AKAmf-Dkort2gFshAEfHPoqGgUXvSMmBHLJc2FtUdV2eeiS-etIavDCbD_DJOsMuglQyvYwEs-CJlO6XTFtm-hLO0Sxv0eYvgqPKuQTnnhnVpRVPqzE75esLXqndcJOsjOX3jMlJ01B8wM9mNhOuuKqvm0Gzbo5dsdarUZ0Qcq-j7nWI3Lirz8k2A3vMjuFkLPuICiqOkMWCkMPMbYD9rxgJ9LBTkcfySuU-ThoWOGs8kRLG3JdtmozCTpZYM4KAcRNdiYeJTRp_BQrd-APNK79sRBgPvMeP4dZvQh_Mbbz5DqUgKB3TUZSpamogky_uqQDUQS6JdY7Dz-BlE6R4WRl2and3RJzqyG7i-rwiq8T9EoO-y5dVFj0REl1_OIgmFhljgw4TFYcPAXYZSVkJlaVuzP45YD123miSKyf4LRmOWnpikviDZGw4dINX82MZ2zZg55b7kUTNK2VAhKJGpDqLjZqESh40VYjaCGOZ9opb5HXSeDUzlsRxheIs1qd3esaBCiW1V8erKYvYg1Do8WdRoiFnxgvYUOLjKbpClWUOpLZFracYVGSrCUHYpLjV66RtV5zAdzWQ7uD3WbKZ66Snlz0H_O6JhImxGuKbgTniPkiec7Lx_L9KM2vU9azLxW6oOoTtEwZ7EOKWyQsaWkZ53GudiokEx_xhejl0JBPDT8axcxmmfpTYeyvwDdgKUEHo5apDS0yBnETAvcX3euVlkyRIP84PTsv_D0YdA8rbJDJ1Su3dxkuFwGAzZKY1uV6qllN7LcVKUhh-3juy79MRWs-gHHCyWtKS92tLUsA1ZYc7XxNznzItJCopoyMg3tk6w0OrAOeQ8bYuj7fYa07s56CQ0aCRAKN5yDgo7Z5-wKcV5821qSPFsyWps4x405rtM2fjwMWrcgGVWcRAmR9375g2s5FloMJps44ynyOMSit_9jeNDwRHY5GGMcqbfBhy6Mic24N4hOt3V3xntkePw4E9acrDtFLXCwrqtYyEgGfbN7weCWc0_b_lnAGkvKBtDcuOyJ9fLrwR2zMLXAVd0MvNQTrciQQ0ugWgvnvzmRV1TmGqR15ylQ2BG5trBl98QIlpLdbvMTafWpJ_-zcASvl9r1J6YwkgSj-r9poF8T5Pe-z654g7fkDI46XaSsHvE7GIKflKmWPYeYmkXMbiAWHBSl7lXFC5jhsG_zm4lhCa1_c-m1GaIH1W3ZRHs3r5EvFYZP-QrDSBmFH9WAGVBX-Y0xAv_c3URncTqnLKcmzFRPSKulbPXqg_YRfnscxzxw6N8cl8ANh6VjU5V8HC0_-2FgCpLTrt_WGAwL5cJzmWhczHZwE60UoC6f4Nv0XcUq37IMS7yGmOgACjdmH6ZhlmUYIe5A2iR7ALHXnUj08cF_ix0rFacJAO6h71TqEOuLQD6-5j5j1FPlbZyawg0UtiUyyq7eeV__flPHsPYePKtOyjH92Y4_RWWu4l9VDNqC2jeQ8r7bDoJ1tHuxGBWuf9A4zqwm4Gt1yNk9IDhX6S6SGc0ifLfzHPFNCOn-ZL-dt--oxv1nshFeDP2bAZpBTN_9qbQSYMPSuYler0xt__K4PLph9iPMUtysFMl3GhJ7565BmMEnTQRHFbiXkUhTH0qESOz9mEUsy7IcOQyssifd5y98jD7tNAUj4LcQmmxlfQ7agPBnOqCHjz7yEGU2ffUEUgjXuDmHEbKVK0-hF5vIPI-c0JnIMxw7fCxV3PDfJt3xB4EgyeORduYgPQ3W7EDCxQFpLi-HfWl0dDeME60qnkjlTd4vMYRmsKfflkUjDgPCcTef1IztZ9P5ZRfLx9CNVNlZ0JqzkVse7PKoOL0Y4Fh1aVfU9U2jNE5qf7TwRiE3fVSHUUChoCZqBiIgDAV7aytka_9-gkfV24WSe9fxcQkfebafVsc4haOMVB537zYtsA0RuSjsSYa6IyjlHrtLJV81gT3RFkZJzZJqOv18kDgY8WrljBbB-m6kVq__EPAf9rUlmbhH73w4l0WHFFiLegajTZWdHd534i7Bhi3M7Jlc5SEn6slD38SZiRMBtAmn_l839fmvJCgeWM3jIJfhRI5WY1IIadighHx16i-0uc1iBoyXEU-tdHG5h_fuWXVIQFLZsZtzzL5JWMvFWda4NNQlZXwMmHG3t2nSC3_ppXOerOiUqkguHTqY9xBqfAkc9MC7V5sZ30tj8FAwAxT4DmLBhdjP1qffootysiXkfOxW0gBSO2iI7_PrySxZ57Guk_HPkJDneZK62pFt4IcB-p9OAZwjmsqjdJNVDme4O7gcqxrp7Dk0M1h2aeyzDSIYtsd8IPxDZZjVCqVFU6jOF1Z7QuoqiEK6CmAF0W3s9g6WMNTwebFX-nI5iOnyb_Q9RIaHoadIJ_6lDdJENjVhUjqNnIdhR9mhIChb0_W8as8SwFkkUoR9q3W2yn8KQDDz3eimT_hSZHVByezmpHri6-gNhNtYT2VqcKNjVFCacJkjoUhZdbxMItraWDli5kfRhYJEd2wB_g7B-mCaTHEef-9scgZ2ugQ0xEWLBSoboFLEhaav0Fx3eAeCB2E78GRz5jK_MI3D7ez5JgG5WvYWvlptV5h5OH1uhhJuakZXerUVXNEsRxuKryhx8hyTe8OHGCVmF7t45JQKu4br2ADcLZtFpUqhuuDzgdGUOLHxcchm8Mqi_RwXNoAvQ73Ui69HDRZuU0_bG0sQIboX3SvVzcqAzPihKmhov8-dnx1BSGYJ7zaqj08KaRcGlHBYfh9C-xXuJc-Vk6GeXJAVhw57J0IuBk1flVtBwuHf45n1YzqnAcBd7SakjtCBQmKldA7Jjx8_CRxL66CzRzHzkp4sj42LSJzkSvkpz2HjFRRR1eHL-aBohlBSD8DyEntiBuS6FmMbpbGTUS5hPBxoc5xZ0CD5WXskEXDYDEflKL_xwrjAzFWTxmYG1p4RM58nXpdf9YI_C3e6aL57ZBfCuqLiMLMFc-FHtY3ejM7Wgrat0bL1A&cid=CAASPeRovPoSj-iiLwodzHjmp9Ko4bGJMl_Py6tgq1KF5_VMTpeTunTYG1dRc1MzuIiwGTlEin7V9VTre1iTnl0&rfl=1%2Chttps%253A%252F%252Fwww.flomarching.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:44:22 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/ Frame 450D 8 KB
3 KB 46ms
45ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210809/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 23:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 27 Aug 2021 23:58:12 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 450D 0
107 B 438ms
89ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstijJ0cSvzUf643IDPClHiD1q4EovIMJRt_HGrTo_htQ91Ze3R8V_nQMJk8nMbgn4S1bAzQSUyD53JSs5pebZqHlnHKE848ZWg0A7XGkGJbucH2FH8PCNWezzUCLCczleYvKIovxO0FEhWfTA0zK1_WXyTLsghEjf98vuo1ceYG7qeeA0SRXPfopgG2rQXzWKeOgrQMug_L5E7mS-cwJk-KAav1x7jfdkuXPac8q4Xh8NhHbrFGt8cAPrwUoAVT2ETmA6MHGV_AEWdLXhhBWXHA2hNOcAVYHd_9SOXof-WTI69yH6y_kJZNXPpFA_45pv164vZPeU3-qT7UP7w82N5QYvFconbNrByZYMVlI4pJyEOKjdmOnPBc00NyW-uBY5dYUyMdOAiTYWiKJowQKqDwXHTf1AewGavBQCKMvdbday_WoAU3A4j_ZDEfkLiCsNVT7sm2SP-I4281_u99tC6QlzMsQxon9RF3XVaFFpEKtt1u0cENl61Phfc08kOIfzzTJ1L9Bl2kMDjbW5fu9BseqB0RvMF6rm2EhQNorLWQkR6eL-26K0U7WPUc5BMgRRGjcnatL6JvPhvDobj_0OkAumls1dY7268m37HdF8tBWVEy4ovKFmcLQaSYA-Gx2rs-AAOlwgTfF37s-IjQXb9FoQYTUSyJf1JPGRcuDMvUP34TjS60cE7zNz6PwwfQk7r-5FVoy6JKCSFrRnaF9PGQUuunHIvMlcwdggiHt_ulxbsQoLzhyYzxTjD8uIoCYES7rbeWog8bZ2BuByDOzyEQSdLu11p2pDkZJOm9xJTAXApYNk7_PLITgSd1pCqDzA0ercPQg4sn3_HB_88TjenlEJ9A2wtD7XSEKJa0QsOtftxOmY68gGfU6uCKOEsOcxveaK0dVc03kP1CaaUvg-RWJvbThSATLKs92eyL9GuqRCrLdL2tzyYD4x_cUkEsp__YIjkpeZcH-IHYn32mZn2HdFmTUwk3gaYVMNhmUYvx3O7gtlPwFZv6MpslGC4Nrag5UCh8Zp-xX3lUi6zLb2U8g2fxCvjb0mV7h0eSHAU9zeLb5LQwXdPELD_1tZWGj7xGkUM97SGqxERRLVmYnyDKDonX5bOhaoWUMSWzbLl7Q60o3LgJHmaUimD-tdiDn_ZDrd3d0PQqr7h2fetciJ3W8S9qJZFozM_Zrzyeg4gg7e0hVrZU8uo0C-OkD_z2qbQlsjweur4OyusT&sai=AMfl-YSJT6U_nMk0dRQbY1gBoJQlqULHwNXqv312zIC9b3u2zBR0oq1o78-xvS20pd-9uxTbztquCn9IXu-x24qmN_Q4E-PtNw_nyrt_jexnT6TCxQvC_LqYEOkO0rLEU_Wi4zNXBVdWiSnaYu0g51zYJgper4YxMcmLH5yOCnfvPft_kkH6sOA3A3Kt_jd6LkTiEZLI7JXiYLYRPoIvqzJlI_rS4Z5JRMjcgvrTLfhG0uPu9NhK0BJB_yJc6FCnTv1amQ&sig=Cg0ArKJSzLlKDZpJJrwnEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210809.41736&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 14 Aug 2021 00:43:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 450D 41 KB
15 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 09:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Aug 2022 09:42:06 GMT

GET
H2 200 07142021-022659826-PL-pl_DAP-linia1_750x200_BAN_0_MG.jpg
s0.2mdn.net/9093145/ Frame 450D 88 KB
88 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9093145/07142021-022659826-PL-pl_DAP-linia1_750x200_BAN_0_MG.jpg

Requested by

Host: a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
URL: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

877c08ad97253f76277c2e8b38beec5c407f25b3bbc2bc59647eeaa33508d228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 12:31:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 09:26:59 GMT
server: sffe
age: 43912
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89721
x-xss-protection: 0
expires: Sat, 14 Aug 2021 12:31:25 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 2D7B 0
0 806ms
47ms Image
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2D7B 43 B
192 B 34ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2D7B
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9081283208147017607

43 B
1 KB

315ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9081283208147017607
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:17 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9081283208147017607
pragma: no-cache
date: Sat, 14 Aug 2021 00:43:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 2D7B 0
234 B 234ms
60ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YRcRo0fgEjsXzRMc5XLtngAABFEAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 00:43:17 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2D7B
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=60fc15b6-e0d5-4fc3-b539-851fb74027fa&expiration=1660437797

43 B
1 KB

65ms
64ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=60fc15b6-e0d5-4fc3-b539-851fb74027fa&expiration=1660437797
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:17 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=60fc15b6-e0d5-4fc3-b539-851fb74027fa&expiration=1660437797
date: Sat, 14 Aug 2021 00:43:17 GMT
server: Kestrel
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2D7B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRcRo0fgEjsXzRMc5XLtngAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1

43 B
1 KB

66ms
66ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:21 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEtSTl_anYXWibW1858IzYo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 2D7B 43 B
145 B 59ms
58ms Image
image/gif 52.59.115.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 2D7B 0
0 47ms
46ms Image
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2D7B 43 B
425 B 63ms
63ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YRcRo0fgEjsXzRMc5XLtngAA%261105
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.flomarching.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 00:43:17 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2314
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 01:21:51 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3633 0
731 B 744ms
46ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d6fd9cac-bb3e-4e41-a9b7-3467cb87d2f2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2EE3 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 13 Aug 2021 09:42:06 GMT
expires: Sat, 13 Aug 2022 09:42:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 54071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 133ms
133ms Image
image/gif 54.88.105.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=flomarching.com&p=%2F&u=BWUp8ZDzIc3MDLUybN&d=flomarching.com&g=27388&g0=Watch&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=2550&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=1166&t=DKr60UCCuhla84IBBEHt9s2D_n&V=128&tz=-120&_acct=anon&sn=2&sv=9W8QwCTdkT_D-L_AiBBfDEHCmGrx5&sd=1&im=06532c43&_
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.105.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-105-93.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 450D 0
545 B 388ms
84ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EE3 35 KB
13 KB 4253ms
45ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
DATA 200
OK truncated
/ Frame 450D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d868f0fc96c8639f7dc7d79e5921917e5148074e6502b5383ce120b1e3f3ce1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2575 0
0 56ms
56ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrjavmwxWjc8sMAvY9Zim_4LDsX2JBhJan0KH6m6wSMddvP_srGRqordbXK8W3oaJewVlAA8yXrTKDtt3BDby6koQo3aP5jn11JYaB0kNr1tpzXSUfcxyBa9dbOMtxehDhpQ1v7Oy9FwRUGE1v8vNY575RZa-9KmpszGYBpVTFBWOxXbvcY0QM_-7Fu_RVZme8jQIFsOpvMdpYh4Dw6fAnidEypkv6dKJCAzlXHis7IpqO3TnKsVlFaMuQkRAjmd5w1-RyYmoFKFr-pP8Ifr9KZ5ZziuWw5xIDO-vUZsNFHwBFNFO1hrHwidxHYoi2gutIWc35lZnvwM0dIZMbh7sO4wEI&sig=Cg0ArKJSzCDHS3NavCftEAE&adurl=

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 2575 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 00:38:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2575 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854326415524"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:17 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2575 0
0 15ms
14ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgiu_DrbRC7uFsujZbga_kmXgfV0brON6F55yh5Qt2ugGOoriAytEHjPLKU6u8dwdkFU4P
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 14947156845319702344
tpc.googlesyndication.com/simgad/ Frame 2575 57 KB
57 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14947156845319702344

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f552ba1d7c4557836e064793708dbf89c980811eb7b0c06f081145ae0a8df367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 14:44:11 GMT
x-content-type-options: nosniff
age: 208746
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58417
x-xss-protection: 0
last-modified: Tue, 19 May 2020 20:20:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 14:44:11 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D660 0
731 B 588ms
46ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b1b6c9a0-7a8f-46c6-97e2-a89b7fe7c1c0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2575 0
0 51ms
51ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTCHuHHtY6a-drvci6JxOwwaIUBCnbOwnZMAq7epSwJp2csFmw2B2HAZ6pknOT8UTuJ0of7LKg04VSK-LO8t_ZnCcGrh47rURKxPkgqXva2BQQXVF8gtB8_5GDxq51SV0gmQROTTBSlrIEP8xqSVbisU2bl3khEUZDjoTNlfLcfgyVIjB0ZoUhOV15BQKkZhYIHOThEk41X1xfKrxqyraW1y1IAoXxvYLnp8igyygHT4CYjo993yCkfQoJgkREm7-XftgWnd9zEhuqavrGNaDxf7ujHLCs973dBvU0q4jl3P64oWmRg0S0Ve0eg81lzDznkkCNQeBqMOqQZRafXKEukJ3jRHY&sig=Cg0ArKJSzLRXqrHm1DOUEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 14 Aug 2021 00:43:17 GMT

GET
DATA 200
OK truncated
/ Frame 2575 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3d7e02d38961a14eb6593672d7dca6719efd1f9f907ecb9a3397a884cea8642

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 295C 70 B
264 B 59ms
59ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 295C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

46ms
46ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 295C
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D

170 B
232 B

3669ms
81ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D
date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame 295C 42 B
467 B 47ms
28ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=12851295919676944657&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
etag: "9d284f105d6fd71:0"
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref: Ref A: D22FB5D5078E4469A6A13E4CFB23305B Ref B: FRAEDGE1319 Ref C: 2021-08-14T00:43:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 295C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/12851295919676944657?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883

37 B
353 B

46ms
46ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sat, 14 Aug 2021 00:43:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 295C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=

37 B
353 B

47ms
46ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:18 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8e25a426-72a3-4669-b8b5-fd47f4a199fd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 295C
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12851295919676944657
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t

0
0

141ms
141ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZMAFKZPTTVTCG0QB8GXH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 295C
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

45ms
45ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 295C 0
0 187ms
47ms Image
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=12851295919676944657
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 295C 0
0 240ms
52ms Image
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=12851295919676944657
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2D93 70 B
264 B 61ms
58ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 2D93
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
353 B

46ms
46ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEL_6mElO3wzELrR_N-8SlWo&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2D93
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D

170 B
232 B

3667ms
80ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI4NTEyOTU5MTk2NzY5NDQ2NTc%3D
date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame 2D93 42 B
247 B 46ms
28ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=12851295919676944657&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
etag: "9d284f105d6fd71:0"
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref: Ref A: 81F905E89B1A43EDB332EA49F81BF1E9 Ref B: FRAEDGE1319 Ref C: 2021-08-14T00:43:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 2D93
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/12851295919676944657?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883

37 B
353 B

46ms
46ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sat, 14 Aug 2021 00:43:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-63G8DDdE2oTN3V9acS.LnfhL8nzKHhjzxlzfvvQGfA--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2D93
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=

37 B
353 B

47ms
46ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:18 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 64d789a4-fc57-4c64-b117-7166855892cb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=3159346312987195551&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 2D93
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12851295919676944657
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t

0
0

145ms
145ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 798A8YTYRC6HKHRZPAP6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12851295919676944657&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2D93
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

45ms
45ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 2D93 0
0 578ms
46ms Image
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=12851295919676944657
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 2D93 0
0 686ms
46ms Image
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=12851295919676944657
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=3159346312987195551

35 B
237 B

67ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=3159346312987195551
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:18 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7babaa4f-b869-4f04-ac5c-2aef7103562c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=3159346312987195551
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&gdpr=0&gdpr_consent=&us_privacy=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://x.bidswitch.net/sync?dsp_id=59&user_id=a0f0ebcd-36c3-412c-bf6d-c2f675633b68&ssp=gumgum2
https://rtb.gumgum.com/usersync?b=bsw&i=bd9a7795-55e5-4248-9e96-fd7e6be7ded0

35 B
237 B

67ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=bd9a7795-55e5-4248-9e96-fd7e6be7ded0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=bd9a7795-55e5-4248-9e96-fd7e6be7ded0
date: Sat, 14 Aug 2021 00:43:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-2f0ac21d-6c52-445d-5814-968c43065bae$ip$194.99.105.99

35 B
237 B

67ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-2f0ac21d-6c52-445d-5814-968c43065bae$ip$194.99.105.99
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-2f0ac21d-6c52-445d-5814-968c43065bae$ip$194.99.105.99
Date: Sat, 14 Aug 2021 00:43:18 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0

35 B
237 B

63ms
63ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 78
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7601057945
https://sync.1rx.io/usersync/tradedesk/b35d41fb-cdbb-462e-bed1-2d379e31cbab
https://sync.targeting.unrulymedia.com/csync/RX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003

35 B
237 B

67ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-98f142c5-bef2-419f-b8d9-274f29dd00cc-003
date: Sat, 14 Aug 2021 00:43:21 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX98f142c5bef2419fb8d9274f29dd00cc003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=phzdtFYKOiMn&ev=1&pid=558355

35 B
237 B

71ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=phzdtFYKOiMn&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=phzdtFYKOiMn&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84459f4bbf-zcrxd
expires: -1

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D63A
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%285eOV3qK9wHr1Pnxyq7QjmSvK_34Fx1ou9KSYlX52qnibpJJ0vq-ch_Jd6akyI2yZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc&obuid=ENC(5eOV3qK9wHr1Pnxyq7QjmSvK_34Fx1ou9KSYlX52qnibpJJ0vq-ch_Jd6akyI2yZ)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CC7C6877-2A73-4B10-A400-04B134E1BA52&redir=true&gdpr=0&gdpr_consent=PM_CONSENT
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJ6l4T1E2uUxnX4KRfyhC27ipPk3K3o-~A&gdpr=0&gdpr_consent=

0
128 B

50ms
49ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJ6l4T1E2uUxnX4KRfyhC27ipPk3K3o-~A&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 14 Aug 2021 00:43:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nJ6l4T1E2uUxnX4KRfyhC27ipPk3K3o-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=26cecf96-e423-4f79-acb2-4cd0f3c2cfc8

35 B
237 B

68ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=26cecf96-e423-4f79-acb2-4cd0f3c2cfc8
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-encoding: gzip
server: OXGW/16.213.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=26cecf96-e423-4f79-acb2-4cd0f3c2cfc8
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-PMH7BrtE2pceJ2rt68lKNcZ9VGmUWHdcMbdI~A

35 B
237 B

67ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-PMH7BrtE2pceJ2rt68lKNcZ9VGmUWHdcMbdI~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:17 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Sat, 14 Aug 2021 00:43:17 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-PMH7BrtE2pceJ2rt68lKNcZ9VGmUWHdcMbdI~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
https://rtb.gumgum.com/usersync?b=vnt&i=a285370c-fc98-11eb-89b6-6fc81c3bfb3d

35 B
237 B

68ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=a285370c-fc98-11eb-89b6-6fc81c3bfb3d
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:25 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=a285370c-fc98-11eb-89b6-6fc81c3bfb3d
Date: Sat, 14 Aug 2021 00:43:25 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: a285370d-fc98-11eb-89b6-6fc81c3bfb3d

GET
H2 204 services
sync.technoratimedia.com/ Frame D63A 0
294 B 7748ms
162ms Image
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:25 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 559036194
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame D63A 0
44 B 7729ms
158ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:25 GMT
content-length: 0
server: b

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=30d8ddd5-b3bf-45ae-a1e1-3860165ec149

35 B
237 B

69ms
68ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=30d8ddd5-b3bf-45ae-a1e1-3860165ec149
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=30d8ddd5-b3bf-45ae-a1e1-3860165ec149
date: Sat, 14 Aug 2021 00:43:18 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame D63A
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15
https://rtb.gumgum.com/usersync?b=sad&i=7131293978292161307&gdpr=1&gdpr_consent=

35 B
237 B

67ms
67ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sad&i=7131293978292161307&gdpr=1&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=sad&i=7131293978292161307&gdpr=1&gdpr_consent=
date: Sat, 14 Aug 2021 00:43:18 GMT
content-length: 0

GET
H2 200 setuid
ow.pubmatic.com/ Frame D63A 0
346 B 57ms
50ms Image
text/plain 185.64.189.116
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=gumgum&gdpr=0&gdpr_consent=&uid=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-length: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 855C 14 KB
5 KB 69ms
64ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=CC7C6877-2A73-4B10-A400-04B134E1BA52; KCCH=YES; chkChromeAb67Sec=1; DPSync3=1630108800%3A201_197_219%7C1628985600%3A174; SyncRTB3=1630108800%3A220_161_7_71_21_13_56_54_3%7C1630195200%3A35; KRTBCOOKIE_377=6810-b35d41fb-cdbb-462e-bed1-2d379e31cbab&KRTB&22918-b35d41fb-cdbb-462e-bed1-2d379e31cbab&KRTB&23031-b35d41fb-cdbb-462e-bed1-2d379e31cbab; PUBMDCID=3; KRTBCOOKIE_391=22924-5113922427259333072&KRTB&23263-5113922427259333072; KRTBCOOKIE_57=22776-3159346312987195551; KRTBCOOKIE_27=16735-uid:8bda6117-11a5-4100-9c32-67585b21793c&KRTB&16736-uid:8bda6117-11a5-4100-9c32-67585b21793c&KRTB&23019-uid:8bda6117-11a5-4100-9c32-67585b21793c&KRTB&23114-uid:8bda6117-11a5-4100-9c32-67585b21793c; PugT=1628901797; SPugT=1628901796
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=44008
expires: Sat, 14 Aug 2021 12:56:45 GMT
date: Sat, 14 Aug 2021 00:43:17 GMT
vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame DD33
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=b35d41fb-cdbb-462e-bed1-2d379e31cbab&t=1631493797

35 B
237 B

67ms
67ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=b35d41fb-cdbb-462e-bed1-2d379e31cbab&t=1631493797
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=b35d41fb-cdbb-462e-bed1-2d379e31cbab&t=1631493797
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 14 Aug 2021 00:43:17 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=b35d41fb-cdbb-462e-bed1-2d379e31cbab&t=1631493797
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=b35d41fb-cdbb-462e-bed1-2d379e31cbab; domain=.adsrvr.org; expires=Sun, 14-Aug-2022 00:43:17 GMT; path=/; secure; SameSite=None TDCPM=CAESFwoIcHVibWF0aWMSCwiEneyc0bHvORAFGAEgASgCMgsI8sy60-ex7zkQBTgBWgZndW1ndW1gAg..; domain=.adsrvr.org; expires=Sun, 14-Aug-2022 00:43:17 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5406
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

47ms
46ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rtb.gumgum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0nZRUZWfOgh1poCfUm/pXMGaZ9WE5/rIRx3CvDzGDmXGQhinMyiRFxj1oVYGhl0PykR7JZeOex0hvG2vYKQxffShJKG3Nw==; ses2=; vis2=373064^1; khaos=KSB22M9O-23-KUSN; audit=1|naVuGyos1qq+bgT6uiJM5Jqpp78UDnSwKhjxf09oswcR7OB5rEhhEa9R9rS+z1HuFVvvrO0Vl4fggJ3pD4CYmyXv4D0lv28c0A+VO7RH1E0=; pux=1512%3D101833%262249%3D101833%262307%3D101833%262974%3D101833%263778%3D101833%262249-DV360-Hosted%3D101833%26idl%3D101833%26goog%3D101833%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Aug 2021 00:43:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=gumgum
Date: Sat, 14 Aug 2021 00:43:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame FABF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=0&gdpr_consent=

35 B
237 B

67ms
67ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 14 Aug 2021 00:45:33 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3831 a91c15f master cdg-pixel-x11
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=1b196117-11a5-4100-8be9-6cf9afe2cb88&gdpr=0&gdpr_consent=
Expires: Sat, 14 Aug 2021 00:45:32 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 5FC5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4
https://rtb.gumgum.com/usersync?b=atm&i=YRcRqAADwN88bwA4&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4

35 B
237 B

67ms
67ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YRcRqAADwN88bwA4&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YRcRqAADwN88bwA4&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 14 Aug 2021 00:43:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YRcRqAADwN88bwA4&gdpr=0&gdpr_consent=&_test=YRcRqAADwN88bwA4
accept-ranges: bytes
date: Sat, 14 Aug 2021 00:43:20 GMT
via: 1.1 varnish
x-served-by: cache-fra19161-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1628901800.298183,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame FF8A 170 B
243 B 3642ms
54ms Document
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jNzlhMDlkNi0yYmUwLTQ4MzYtOTVkZC05ODkyZmM4NWIyZmM=&gdpr=0&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV9jNzlhMDlkNi0yYmUwLTQ4MzYtOTVkZC05ODkyZmM4NWIyZmM=&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkAw7YJ52ZHKI0J8mWXlmlsy3DpJkIVQkYkWkgVxP0WkUTDnhBoD0U9NpmJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Sat, 14 Aug 2021 00:43:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame DCF8 0
0 7746ms
165ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 200000000000000002000208
server: 33XP003
date: Sat, 14 Aug 2021 00:43:25 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame DCB5 0
0 7587ms
80ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Sat, 14 Aug 2021 00:43:25 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 61C2
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YRcRp8Co5tAAAM7PGD4AAAAA

35 B
237 B

68ms
67ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YRcRp8Co5tAAAM7PGD4AAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YRcRp8Co5tAAAM7PGD4AAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 14 Aug 2021 00:43:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Sat, 14 Aug 2021 00:43:19 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YRcRp8Co5tAAAM7PGD4AAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 5
X-SO-HostName: m-ad208.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40012.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":6,"gdpr":true,"ipv4":"0.0.0.0","key":"YRcRp8Co5tAAAM7PGD4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad208"}
X-SO-Key: YRcRp8Co5tAAAM7PGD4AAAAA
X-SO-IP: 194.99.105.99
X-SO-Cluster-ID: 6
X-SO-Upstream-ID: m-ad208

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 723E
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=2159827873217128555

35 B
237 B

68ms
67ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=2159827873217128555
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=2159827873217128555
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 14 Aug 2021 00:43:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Sat, 14 Aug 2021 00:43:19 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRhaWBobmlpbGoJAOULTkIQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 8 Sep 2022 00:43:19 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzYyNDc0sjA1NRXiM9T1TY8qMglyNq900jWW4jU0M7KwNDA0t7Q0NrUAAD4Rl1s0AAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 8 Sep 2022 00:43:19 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzYyNDc0sjA1NRXiM9T1TY8qMglyNq900jUGAAGpjwslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=2159827873217128555
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A597
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=bHF1b5xmklFSoHn9LAbo&pi=gumgum&tc=1

35 B
237 B

68ms
68ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=bHF1b5xmklFSoHn9LAbo&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=bHF1b5xmklFSoHn9LAbo&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Sat, 14 Aug 2021 00:43:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Sat, 14 Aug 2021 00:43:19 GMT Sat, 14 Aug 2021 00:43:19 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=bHF1b5xmklFSoHn9LAbo&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3633 0
731 B 1394ms
47ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 922f5b3e-bb0a-40d6-ba30-13b4bfa8da82
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 450D 42 B
64 B 32ms
17ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMal5kRWWU6-KOkpI0EGd0y-xTm6FeEbLVV6q9zjs3Sb9NvZ2hi453IxnLkgHUcdOLbimp_du_xTVaNQw0tZHBoxdK4lTXtlZpT2INcEfD58xpfxTvsAUPZ6NmBw&sai=AMfl-YQUBGrrmSUrtSvscz4hQ9rull6_OlCmfHNsl6FpGXGd9TYAGkw1mmGR9H-uJzcxkzU5mxoF4YPniYPTAaVaLaBUzvP_0vw7XBDFJMwt3ReqrYTW9MfAKtPY4tl5&sig=Cg0ArKJSzKo9qIYoftXNEAE&cid=CAASPeRovPoSj-iiLwodzHjmp9Ko4bGJMl_Py6tgq1KF5_VMTpeTunTYG1dRc1MzuIiwGTlEin7V9VTre1iTnl0&id=lidar2&mcvt=1000&p=790,426,994,1176&asp=790,426,994,1176&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210813&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=4106546090&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628901797126&dlt=33&rpt=231&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D660 0
731 B 1284ms
46ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 808efe28-8635-45ed-97a6-f68ef7bd9a99
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
331 B 149ms
55ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=13396

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.flomarching.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
691 B 60ms
59ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 51f304d81d7c53907c11bf1fd42ec6b9631e35163bccde1f6b176b104ef7eacb

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Aug 2021 00:43:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.flomarching.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Mon, 13 Sep 2021 00:43:18 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2575 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrL5sfnxXEf9HDAerE3JfBBqiRoBQDdCbQVKA2aEHC0CEE5_u3xZI6aUFRB3Rg2f60Z67QAQBF0b6Tpv_4wA7BAaJWveIbbP7m8jwH37M4zzFhoWhZ&sig=Cg0ArKJSzMgDyQ4dfpEkEAE&id=lidar2&mcvt=1000&p=84,316,174,1286&asp=84,316,174,1286&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210813&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3163323242&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628901797387&rpt=58&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
185 B 151ms
48ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=160547
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
97 B 175ms
72ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=160547
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C076 0
260 B 538ms
406ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=160547&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160547
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8130 31 KB
10 KB 50ms
50ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 33d0055d1b702fe9fbad04895ac749f4b960b461ec4b1969d24535df841016fc

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 00:43:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26804
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Sat, 14 Aug 2021 08:10:03 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8130
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU5NmYwZjg0NjZiOGIzYzM2M2M5MjMyZDk4OTIyYTYzNDRlMzBjZg

170 B
232 B

1500ms
80ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU5NmYwZjg0NjZiOGIzYzM2M2M5MjMyZDk4OTIyYTYzNDRlMzBjZg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjU5NmYwZjg0NjZiOGIzYzM2M2M5MjMyZDk4OTIyYTYzNDRlMzBjZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8130
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YRcRqAADduivcABg
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YRcRqAADduivcABg&_test=YRcRqAADduivcABg

0
239 B

48ms
48ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YRcRqAADduivcABg&_test=YRcRqAADduivcABg
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1628901800.306061,VS0,VE0
x-served-by: cache-fra19161-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YRcRqAADduivcABg&_test=YRcRqAADduivcABg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8130
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDayozoIVNoO1R387_INgwY&google_cver=1

0
239 B

47ms
47ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDayozoIVNoO1R387_INgwY&google_cver=1
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDayozoIVNoO1R387_INgwY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 8130 0
66 B 1148ms
49ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:21 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8130
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/0xIfWn1uQ5mRmxV_ciMkvcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3436555917658132694

0
239 B

169ms
45ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3436555917658132694
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Sat, 14 Aug 2021 00:43:20 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3436555917658132694
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8130
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1b196117-11a5-4100-8be9-6cf9afe2cb88

0
239 B

189ms
46ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1b196117-11a5-4100-8be9-6cf9afe2cb88
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Sat, 14 Aug 2021 00:45:36 GMT
Server: MT3 3831 a91c15f master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1b196117-11a5-4100-8be9-6cf9afe2cb88
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 14 Aug 2021 00:45:35 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8130 70 B
264 B 60ms
60ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8130
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NCMjJNOU8tMjMtS1VTTg==

170 B
232 B

1405ms
81ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NCMjJNOU8tMjMtS1VTTg==

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NCMjJNOU8tMjMtS1VTTg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 m-outer-775bcd17e5e345e5c78406e66e355cd7.html Show response
js.stripe.com/v3/ Frame 2A45 215 B
955 B 101ms
101ms Document
text/html 52.84.45.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-121.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: PagVuMOMX/fXUV9EUTxhYZTVnVDB4JJUYlRzphZj2NTrDPWABmA2U/b4m6L+mOs6oJL1SXdclKE=
x-amz-request-id: NQ1MFP5G95A3FYSV
last-modified: Wed, 04 Aug 2021 20:44:45 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Sat, 14 Aug 2021 00:40:38 GMT
cache-control: public, max-age=300
etag: "775bcd17e5e345e5c78406e66e355cd7"
x-cache: Hit from cloudfront
via: 1.1 e79b73e5f9ad915693bd9b6946372e82.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
x-amz-cf-id: zMhwe4M-RQ_RECKPz5RJVW3etkJQxENLDukUhBbJRbfy8EVAH7gdJA==
age: 172

GET
H2 200 m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A45 1 KB
1 KB 112ms
111ms Script
application/javascript 52.84.45.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.84.45.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-84-45-121.mrs52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"78581b5abad6c4e7b59c0f8ee45a8134"
age: 210
via: 1.1 e79b73e5f9ad915693bd9b6946372e82.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: ZN7TYCYBGKVRBYEH
x-amz-id-2: DHQoQvV11SCfo8jgb2K+YcRmu8AVmBp5f3zL9N2naSWIt+3nbhsAjn+T0t+2pT8I0qasz2MQ5yE=
last-modified: Wed, 04 Aug 2021 20:44:37 GMT
server: AmazonS3
date: Sat, 14 Aug 2021 00:39:52 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P1
timing-allow-origin: *
x-amz-cf-id: IAEwvxxH9jOh97arxlf9osBNaEakgJMhC9r-xsgwS79lvqDbZb3DlQ==

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-03GX1D5BJ3&gtm=2oe8b0&_p=245173166&sr=1600x1200&ul=en-us&cid=220365323.1628901796&dl=https%3A%2F%2Fwww.flomarching.com%2F&dt=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&sid=1628901796&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03GX1D5BJ3&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A4AB 932 B
1 KB 55ms
12ms Document
text/html 2600:9000:20eb:b800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:b800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Sat, 14 Aug 2021 00:41:06 GMT
cache-control: public, max-age=300
etag: W/"6114649b-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: W-MmlCEr8m-UVwNaHv8-HBfcGZvg8PCj_p4UP7e-MoED7AnhaCh1_A==
age: 135

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame A4AB 85 KB
19 KB 14ms
13ms Script
application/x-javascript 2600:9000:20eb:b800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:b800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 279
x-cache: Hit from cloudfront
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
date: Sat, 14 Aug 2021 00:38:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
x-amz-cf-id: g8_b3YUvXTBSkgCZ0ueDMU5SrKhaGSeNyf-6ITpxOZPNuQbRfyU9Vg==

POST
H2 200 6 Show response
m.stripe.com/ Frame A4AB 156 B
517 B 653ms
218ms XHR
text/plain 54.186.42.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.42.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

33e9f9cc059fb6ebb5391be831cd5f413311085f697d0ff920501f750de7971d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Aug 2021 00:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EE3 0
58 B 80ms
80ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAMUHpREXYdGZC5rO7_UPpbuvgAQAAAAAOAHgBAI&bg=!srGlsfXNAAbOj6irzo87ACkAdvg8WmeP2PmzKP81BiAyppRJLM-_uRJyuEYWPRalV1A474zM3SSZUQIAAACGUgAAAA1oAQcKALolpryuyfOapujFtLv0waWqY86aCEbNvK25IjNNnFxG3X8UB26eMcksABc4_ZuGnWMShqHGb3AlvNicMQ-hcxtSsXND-JQhpEoP8tF6lqMJG2i-MvT79X-Bc5oS53J3sZ2HbaQRlMXxNLRFoqBT16UCDM0NpnYwnmoMIcvpu0TOlJD62kjJYgatfeuVBGxH3LN1cZao5YxuS1uvb5RjBaJ7K29l8M_PSdfGBcYNZrbIMMu-hMeoSvR35AiZAszmhmxOxqW49C9Rm3y_DnjEANmSjk3RiaLnF3wTGJ2ySaVBwXI5VHe8eA65MpcvZ-iA6xfhIub0v4XfezSdYt62FuG0FRbPSDdfm0F9SdSzzgy1m5u_Fgx7hzdgiMcZHOIWsfMeU8C9LYTcTyUFv1wP-lU6aTgWVs_gnkz-Xc_QdG19uTfrpSh0hAp3BS60pq43-Y8AfSSwvjdKKSuax6f1VX01gxnZia5WeqOpTvZwLnp_b3XLAyKlAt0BIzOoEUKTvG_PHrdbeFZGGEkmp1GLZ_5sCmeLgQ_-3YRKRr7awu03m8sgUtCo7lJ4R7VEixWyL5EV0n0HKb0ec9jNMimoGMXoiCgqBspoITmER7aR8my1wANc0xeA3Cf9b4WrD8RMDgdle-0Ddetv059QQMjg4-RgPdQQttBKjjuQ3S67RwuxzIN7tNebysuFeqLQx8U4cU8i5Y0fBAqD9W4CeviIbgtca-iQ49Tbn00R1Q4XFg74lmZNtb0VJUpRQL8rZw1bmaXfh7POas1OwJsKuaLHoyha2iEVjCudIkiy1AcYXd0JhLCp7EIkUEizydQ8eGflZrJneJH0K8kqFmg034-Nq7Orb3G8XEzwP2XfZ0EB_J7nta1ZsE7JirLcVFTLVVomgtjHoA6xlov3rYbm2r1nR6Xe4UjIheOF2Nvu54SaR5cHpMFoX6NGhBpR8V42lvyYkaMcBBr9i7WFy8F4KOr4wlkyflk75zO9La1FSlXZ3XxIg8P5pslc0SNFiO03qUxzEhH8ZEN_kUi_068CL9MzvywXu0Tsb_i05KF7jQtRVtnYkNyyK1mfrPhQummYaTwBuJ6JKK9hlQHsU02MgWET3_trOGuZFc7hIzRNKntctvWDZ9yaPA2OFhJxw8Y9hAJ2Vk_JDIzGkRwsN-g86wXVW7xNxjAacNMPgNzBB4UZ4FcnyYalq0fb6DwsIg

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 89D4 43 B
1 KB 79ms
79ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3d274556-8be1-465a-a6f9-5475012866c8&expiration=1636850604
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 00:43:25 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 14 Aug 2021 00:43:25 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5406 31 KB
10 KB 52ms
51ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 33d0055d1b702fe9fbad04895ac749f4b960b461ec4b1969d24535df841016fc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 00:43:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26798
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Sat, 14 Aug 2021 08:10:03 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5406 0
239 B 49ms
48ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame C54A 0
182 B 203ms
66ms Document
text/html 52.30.148.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ea5b4ws&ref=https%3A%2F%2Fwww.flomarching.com%2F&upid=uv8d36q&upv=1.1.3
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.148.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-148-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=ea5b4ws&ref=https%3A%2F%2Fwww.flomarching.com%2F&upid=uv8d36q&upv=1.1.3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=b35d41fb-cdbb-462e-bed1-2d379e31cbab; TDCPM=CAESFwoIcHVibWF0aWMSCwiEneyc0bHvORAFGAEgASgCMgsItqHp8eex7zkQBTgBWgthZGNvbmR1Y3RvcmAC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

date: Sat, 14 Aug 2021 00:43:26 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 47ms
26ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081001&st=env

Requested by

Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c02528f819b69389ef0aec070ad2d9ccdb1f312a7e821995f101bf260f3adfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 00:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8614
x-xss-protection: 0

POST
H2 200 t Show response
siop.flosports.tv/v1/ 21 B
73 B 706ms
706ms XHR
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://siop.flosports.tv/v1/t
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.flomarching.com
date: Sat, 14 Aug 2021 00:43:27 GMT
accept-ranges: bytes
content-length: 21
vary: Origin
content-type: application/json

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=634980329980573&ev=Navigation%20Timed&dl=https%3A%2F%2Fwww.flomarching.com%2F&rl=&if=false&ts=1628901806653&cd[browser]=Chrome&cd[component]=HomeComponent&cd[device]=Desktop&cd[page_category]=Home&cd[site_id]=27&cd[subscriber_portal_id]=27&cd[vertical]=flomarching&cd[action]=Navigate&cd[name]=Page%20Load&cd[ttfb]=376&cd[dom_interactive]=178&cd[dom_content_loaded]=310&cd[dom_complete]=11269&cd[dns]=14&cd[calculation_version]=1&sw=1600&sh=1200&v=2.9.44&r=stable&a=seg&ec=5&o=30&fbp=fb.1.1628901796198.1604526980&it=1628901796066&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-4446f5e34233e1af1685e495db7b1f94&tm=2&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 14 Aug 2021 00:43:26 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=245173166&t=event&ni=0&_s=7&dl=https%3A%2F%2Fwww.flomarching.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Watch%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Watch&ea=Navigation%20Timed&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=220365323.1628901796&tid=UA-105225828-24&_gid=1487550766.1628901796&z=72935998

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 10:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52628
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=606896021;event=click;labels=Navigation%20Timed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=1;pbc=650ec091-9d4b-442d-8ce...
pixel.quantserve.com/ 35 B
210 B 11ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=606896021;event=click;labels=Navigation%20Timed;rf=0;a=p-e8u2ehsCGVQg-;url=https%3A%2F%2Fwww.flomarching.com%2F;uht=2;fpan=0;fpa=P0-752184933-1628901796149;pbcn=1;pbc=650ec091-9d4b-442d-8ce4-c6cd73a7ac1d;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=flomarching.com;je=0;sr=1600x1200x24;dst=1;et=1628901806666;tzo=-120;ogl=locale.en_US%2Ctitle.Marching%20%7C%20News%252C%20Videos%20%26%20Articles%20-%20FloMarching%2Cdescription.Marching%20competitions%252C%20videos%252C%20news%252C%20%26%20articles%252E%20Watch%20%26%20stream%20live%20marching%20ev%2Cimage.https%3A%2F%2Fd6fm3yzmawlcs%252Ecloudfront%252Enet%2FogImages%2FMarching-1920x1080%252Ejpg%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eflomarching%252Ecom

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:26 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081001.js?31062246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 00:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 14 Aug 2021 00:43:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E3B8 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 13 Aug 2021 20:39:22 GMT
expires: Sat, 13 Aug 2022 20:39:22 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B482 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

02ebcc5f89ddb5ffe49ba56d3440cdc6892859b2004548cf1b53189896164932

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KD0g52HW8e1kC2dejmYOCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.flomarching.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=221=F82og0EcD5ILASl74goRnQTLi4yNkTWtWM4qJl6EHrpeqAg6Qoo7L0ym1hD8aeTdCEqk1_XjD4RxF59r300EwYX95i6i5fJJjSgwQDjLBk6XGjj2QoeSQaljMvzWQxcFN-qzIXZgXC59BEZnuNgm-EvM1Kr2W86jhKraHgx1OdE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.flomarching.com/

Response headers

expires: Sat, 14 Aug 2021 00:43:26 GMT
date: Sat, 14 Aug 2021 00:43:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-KD0g52HW8e1kC2dejmYOCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame E3B8 35 KB
13 KB 46ms
45ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 05:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Aug 2022 05:32:11 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 82ms
82ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081001&jk=941306300643587&bg=!-Pul-7_NAAbOj6irzo87ACkAdvg8Wn4lH4diji-DhUK7zZgWRJF6UcXjgOHA3jhenwh_St_Y2iJ38AIAAABVUgAAAAloAQeZAodQKeuSteODuHYse2Iz8ahE7Kar2LceMqBZ9wFIeYNx-Y5UZLh3nroT5Ame1aPxpQLh39ftu5zolPdjnn3DfSl_tCQuPZpOKskLSJE1GqTlf9NppzbiXIGFjGljETIxjzrQ2r-Ge8xYZsT5ewYZWnYWBYUb-AW7BkMdVB2t40_Dy7WGFjIXIBr1wiTWcZbzmyfk8ljCCaTbUMQUt1SdINbXh6dhEMUok_aKDDLdxS_JcQT_Bp17fe2tKGFIbczoPlkKJrYxCVGIAlJRA6yxvWXM-NzTWXwcPRywNWcrtmy7WHieeQexpuRi8utqN4ejVsG-tAj2vCbs4LG2EsQqAfc8bdiLE9D-wK3i2HdPfR9EkP6NjA8AgrVGI6k9s1jgQeaz-V_ksCzE22Vns2DtO8o5S88sewm5UWcuTWJL7r9qRCwPCIrPVAXT6zqTqTXuB36tW2tXe6nIlIW7--DvWEgOMPI5fVvJOIATMrr_wB2t5WGqPwiNmEr0Fe4ceGH6B8kamJS-5X2pTBku94jP38lREgcvEjW4WVoM5QUiVPRx0VwsdYgcaRBcwlEOIknxiLl2DPQ-Ssj7OGn66AG-29l_44VgFlr9qryWs0DQoqEwkaicLTKAMHUw9K34-T6Iw3OoKu60EeOEs2XFC1cX4pT7EJtHz2FcwcAAS48VF_SM1V3lSBSgQlz4miHI9P1LS6bzZzhHFbnLOvwlFAHqYz0u3JA7QCsZ22u1TRLGRivrKqdempA1E9nceNAJLH56oaffpBukA4dA_nh21y_8NXqKO63CDFwCdf8_DJM34W6YRbNC3vZsS_YEiANb7tAl7cPKWYWCnf5RdxEUtFB0hcQNTdnyQVP6yA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
57 KB 170ms
49ms Script
application/x-javascript 65.9.73.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 13 Aug 2021 08:04:54 GMT
content-encoding: br
last-modified: Fri, 11 Jun 2021 10:13:39 GMT
server: AmazonS3
age: 59914
etag: W/"535a44cb49d4769cf9ec82fbcba860c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: KFvtQEF49ZQSVuqNgx9QL0DaILhmyKFe
via: 1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
content-type: application/x-javascript
x-amz-cf-id: cCML9_AEHnkRntBDS-1rymeYlgCgLXcWGYAY8htEzgr8Dz3JtkfK5g==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 150ms
48ms Fetch
application/json 65.9.73.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: www.flomarching.com
URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 877caf9b036f02e5fdcff276cd942fb542b3335f698b8ea172d287c529c0001c

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 19:14:17 GMT
via: 1.1 a1cb6e97bccd4899987b343ae5d4c252.cloudfront.net (CloudFront), 1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
age: 19750
x-amzn-requestid: 831444df-efe1-4ada-a48d-5684e4c0637e
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6116c489-2707e3794654cc7c02e87626;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: LHR3-C2, AMS1-C1
x-amz-apigw-id: EBOlkEyuDoEF-Xg=
content-length: 30
x-amz-cf-id: phUVn7KIGOiKYuh12gAiPfYfSfyBHUzqMylaKoQ_AEddYAm4Rz6omg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 133ms
133ms Image
image/gif 54.88.105.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=flomarching.com&p=%2F&u=BWUp8ZDzIc3MDLUybN&d=flomarching.com&g=27388&g0=Watch&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=2550&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=&b=1166&t=DKr60UCCuhla84IBBEHt9s2D_n&V=128&tz=-120&_acct=anon&sn=3&sv=9W8QwCTdkT_D-L_AiBBfDEHCmGrx5&sd=1&im=06532c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.105.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-105-93.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:31 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-03GX1D5BJ3&gtm=2oe8b0&_p=245173166&sr=1600x1200&ul=en-us&cid=220365323.1628901796&_s=3&dl=https%3A%2F%2Fwww.flomarching.com%2F&dt=Marching%20%7C%20News%2C%20Videos%20%26%20Articles%20-%20FloMarching&sid=1628901796&sct=1&seg=1&en=Navigation%20Timed&_et=10394
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03GX1D5BJ3&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.flomarching.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 00:43:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flomarching.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

295 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eqads.com/	1970-01-19 22:40:50	Name: EQUser Value: UID=3d274556-8be1-465a-a6f9-5475012866c8
.adform.net/	1970-01-19 21:54:45	Name: uid Value: 5113922427259333072
.casalemedia.com/	1970-01-19 22:37:57	Name: CMPRO Value: 1105
.casalemedia.com/	1970-01-19 22:37:57	Name: CMPS Value: 1155
www.flomarching.com/	1970-01-19 20:28:23	Name: _cb_svref Value: null
.pubmatic.com/	1970-01-19 21:11:33	Name: SPugT Value: 1628901805
.casalemedia.com/	1970-01-19 20:29:48	Name: CMST Value: YRcRo2EXEawA
.pubmatic.com/	1970-01-19 20:28:21	Name: ipc Value: 160065^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253D5eOV3qK9wHr1Pnxyq7QjmSvK_34Fx1ou9KSYlX52qnibpJJ0vq-ch_Jd6akyI2yZ%2526uid%253D%2523PMUID^2^0
.doubleclick.net/	1970-01-20 05:49:57	Name: IDE Value: AHWqTUku17Jv-0R3s5e10f16aKcM7XFRHOBsb8HRP_zez0PtGrUnw3p7ZO379_3iH9o
.pubmatic.com/	1970-01-19 22:37:57	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-19 22:37:57	Name: SyncRTB3 Value: 1630195200%3A35%7C1629504000%3A223%7C1630108800%3A7_71_21_56_54_3_161_13_220
.pubmatic.com/	1970-01-19 21:11:33	Name: KRTBCOOKIE_27 Value: 16735-uid:8bda6117-11a5-4100-9c32-67585b21793c&KRTB&16736-uid:8bda6117-11a5-4100-9c32-67585b21793c&KRTB&23019-uid:8bda6117-11a5-4100-9c32-67585b21793c&KRTB&23114-uid:8bda6117-11a5-4100-9c32-67585b21793c
.pubmatic.com/	1970-01-19 21:11:33	Name: KRTBCOOKIE_57 Value: 22776-3159346312987195551
.rubiconproject.com/	1970-01-20 05:13:57	Name: audit Value: 1\|naVuGyos1qq+bgT6uiJM5Jqpp78UDnSwKhjxf09oswcR7OB5rEhhEa9R9rS+z1HuFVvvrO0Vl4fggJ3pD4CYmyXv4D0lv28c0A+VO7RH1E0=
.pubmatic.com/	1970-01-19 21:11:33	Name: KRTBCOOKIE_391 Value: 22924-5113922427259333072&KRTB&23263-5113922427259333072
.3lift.com/sync	1970-01-19 22:37:57	Name: sync Value: CgoIgQIQxt_zkLQvCgoIkQIQxt_zkLQvCgoI4gEQxt_zkLQvCgoIkgIQxt_zkLQvCgoI5gEQxt_zkLQvCgoIhwIQxt_zkLQvCgkIOhDG3_OQtC8KCQgLEMbf85C0LwoJCF8Qxt_zkLQvCgkIHxDG3_OQtC8=
.pubmatic.com/	1970-01-19 22:37:57	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 22:37:57	Name: DPSync3 Value: 1630108800%3A201_197_219%7C1628985600%3A174
.pubmatic.com/	1970-01-19 22:37:57	Name: KADUSERCOOKIE Value: CC7C6877-2A73-4B10-A400-04B134E1BA52
.flomarching.com/	1970-01-20 13:59:33	Name: _ga_03GX1D5BJ3 Value: GS1.1.1628901796.1.0.1628901796.0
.pubmatic.com/	1970-01-19 21:11:33	Name: PugT Value: 1628901799
www.flomarching.com/	1970-01-20 05:50:04	Name: cto_bidid Value: HWwcLl9yUFM2azA5RXFyUFlJYWVFRUF1dXcxRzAwMWpZejVOU2pkZ2diQlo1eEdpUEh3ZmRRZmFVdENEZXUlMkZBS3IlMkIwcnFSNkR3ODlsaVRIOVk5SFdkdHVKekElM0QlM0Q
www.flomarching.com/	1970-01-20 05:50:04	Name: cto_bundle Value: -_rKpl9heWloR1FMYmVJellTTVhMOEJsR1dRa2pXVHVRciUyQkkxNVFHOSUyRmg5bllwZ0E0UyUyQm1XJTJGYkFJRER5NDNralB6bnBQZTZLME5OcXd0SzZDWDZUbWJRSWFBNTdWdW5TNXVKJTJGRzI2M2h5aTZzb3U1Qzh0aTZIS0pTbGtVTlVlN1BPaFA
.3lift.com/	1970-01-19 22:37:57	Name: tluid Value: 12851295919676944657
.rubiconproject.com/	1970-01-20 05:13:57	Name: khaos Value: KSB22M9O-23-KUSN
.pubmatic.com/	1970-01-19 22:37:57	Name: KRTBCOOKIE_80 Value: 22987-CAESEC9fyT-FYmboZaKglTPX0wo&KRTB&16514-CAESEC9fyT-FYmboZaKglTPX0wo&KRTB&23025-CAESEC9fyT-FYmboZaKglTPX0wo
.flomarching.com/	1970-01-19 20:29:48	Name: _gid Value: GA1.2.1487550766.1628901796
www.flomarching.com/	1970-01-19 21:11:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-19 20:30:07	Name: vis2 Value: 373064^1
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0nZRUZWfOgh1poCfUm/pXMGaZ9WE5/rIRx3CvDzGDmXGQhinMyiRFxj1oVYGhl0PykR7JZeOex0hvG2vYKQxffShJKG3Nw==
.casalemedia.com/	1970-01-20 05:13:57	Name: CMRUM3 Value: 08611711a5276060fc15b6-e0d5-4fc3-b539-851fb74027fa&e6611711a42760&ce611711a505a0&2f611711ac2760lSlqFtNj1MeHLK5&be611711a505a0&33611711a505a0&2e611711a505a0&2d611711a92760CAESEEtSTl_anYXWibW1858IzYo&f1611711a405a0&28611711a405a00&49611711a505a0&27611711a40b40&04611711a505a0&bf611711a405a0&03611711a527601b196117-11a5-4100-8be9-6cf9afe2cb88
www.flomarching.com/	1970-01-19 21:11:33	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22b35d41fb-cdbb-462e-bed1-2d379e31cbab%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-07-14T00%3A43%3A18%22%7D
.flomarching.com/	1970-01-20 05:13:57	Name: ajs_anonymous_id Value: %224dc50bbe-4b2d-4bf0-92c7-ca28c199db51%22
www.flomarching.com/	1970-01-20 05:57:09	Name: _cb_ls Value: 1
.www.flomarching.com/	1970-01-20 05:13:57	Name: __stripe_mid Value: cc876f43-5d7f-4c44-b422-fd3a050fe740b997f7
www.flomarching.com/	1970-01-19 21:11:33	Name: _lr_env_src_ats Value: false
.pubmatic.com/	1970-01-19 21:11:33	Name: KRTBCOOKIE_377 Value: 6810-b35d41fb-cdbb-462e-bed1-2d379e31cbab&KRTB&22918-b35d41fb-cdbb-462e-bed1-2d379e31cbab&KRTB&23031-b35d41fb-cdbb-462e-bed1-2d379e31cbab
.gumgum.com/	1970-01-20 05:13:57	Name: vst Value: e_c79a09d6-2be0-4836-95dd-9892fc85b2fc
.www.flomarching.com/	1970-01-19 20:28:23	Name: __stripe_sid Value: 6903d5b8-9bc5-406a-922a-f0647b969909996493
.flomarching.com/	1970-01-20 05:49:57	Name: __gads Value: ID=4c30f06443c2d732:T=1628901796:S=ALNI_MbidCsz8EwBbMnrISJY2XnJ3BFPoQ
www.flomarching.com/	1970-01-20 05:57:09	Name: _cb Value: BWUp8ZDzIc3MDLUybN
.flomarching.com/	1970-01-19 21:11:33	Name: _pubcid Value: 650ec091-9d4b-442d-8ce4-c6cd73a7ac1d
.flomarching.com/	1970-01-19 20:28:21	Name: _gat Value: 1
www.flomarching.com/	1970-01-19 20:28:25	Name: _lr_retry_request Value: true
.casalemedia.com/	1970-01-20 05:13:57	Name: CMID Value: YRcRo0fgEjsXzRMc5XLtngAA
eus.rubiconproject.com/	1970-01-19 22:37:57	Name: pux Value: 1512%3D101833%262249%3D101833%262307%3D101833%262974%3D101833%263778%3D101833%262249-DV360-Hosted%3D101833%26idl%3D101833%26goog%3D101833%26
.adnxs.com/	1970-01-19 22:37:57	Name: uuid2 Value: 3159346312987195551
.flomarching.com/	1970-01-20 05:52:50	Name: __qca Value: P0-752184933-1628901796149
.flomarching.com/	1970-01-19 21:13:00	Name: x-flo-ab Value: flo_12894_signup_copy_v3-2\|flo_12811_ads_on_premium_vods-1\|flo_12887_google_social_login_v2-1\|flo_12890_testimonials_v2-0\|flo_12846_reactivate_button_v3-1\|flo_13608_usd_on_bikes-1\|flo_13616_watch_on_web_v2c-0\|flo_13720_vod_transmit_ads_v2-0\|flo_13740_favorites_in_front_of_pay-1\|flo_13965_annual_pricing_language-1\|flo_13801_athletes_teams_nav-1
.flomarching.com/	1970-01-19 22:37:57	Name: _fbp Value: fb.1.1628901796198.1604526980
.rubiconproject.com/	1970-01-19 20:30:07	Name: ses2 Value:
.flomarching.com/	1969-12-31 23:59:59	Name: _dlt Value: 1
www.flomarching.com/	1970-01-20 05:57:09	Name: _chartbeat2 Value: .1628901796088.1628901796088.1.9W8QwCTdkT_D-L_AiBBfDEHCmGrx5.1
.flomarching.com/	1970-01-20 13:59:33	Name: _ga Value: GA1.1.220365323.1628901796

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/160547/3819/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	error	URL: https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js(Line 1) Message: Unhandled Promise rejection: Cannot read property 'getItem' of null ; Zone: <root> ; Task: Promise.then ; Value: TypeError: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at https://ats.rlcdn.com/ats.js:1:169295 at Je (https://ats.rlcdn.com/ats.js:1:169337) at https://ats.rlcdn.com/ats.js:1:167789 at c (https://ats.rlcdn.com/ats.js:1:31651) at Generator._invoke (https://ats.rlcdn.com/ats.js:1:31404) at Generator.next (https://ats.rlcdn.com/ats.js:1:32010) at n (https://ats.rlcdn.com/ats.js:1:1495) at s (https://ats.rlcdn.com/ats.js:1:1706) at https://ats.rlcdn.com/ats.js:1:1765 at new D (https://www.flomarching.com/polyfills-es2015.2ebf71d0bda85b2f65d1.js:1:21488)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=900

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4788290a-f608-454f-9b84-d62b35cdcd20.redfastlabs.com
a1a4ef964424114d68c538763efe3d7c.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
adservice.google.pl
ajax.googleapis.com
api.rlcdn.com
apis.google.com
app30.flosports.tv
ats.rlcdn.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.oribi.io
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
d2779tscntxxsw.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flomarching.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
js.stripe.com
live-api-3.flosports.tv
m.stripe.com
m.stripe.network
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mug.criteo.com
mwzeom.zeotap.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
ping.chartbeat.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
resources.xg4ken.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
siop.flosports.tv
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.pubmatic.com
tags.srv.stackadapt.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.flomarching.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.109.78.125
13.224.193.90
13.248.242.197
142.250.184.194
142.250.185.162
142.250.185.194
142.250.185.98
151.101.130.114
151.101.14.49
151.101.194.114
151.101.2.114
159.253.128.188
169.197.150.8
178.250.0.163
178.250.2.146
18.157.193.56
18.195.155.181
18.195.58.36
18.233.75.25
184.31.84.150
185.184.8.65
185.29.135.227
185.33.221.53
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.116
185.64.189.226
185.64.190.78
185.64.190.79
185.64.190.80
185.64.190.81
185.86.139.104
193.0.160.128
193.122.128.135
198.148.27.140
2.18.232.130
2.18.233.180
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
202.241.208.100
208.100.17.171
213.155.156.168
213.19.147.45
213.19.162.61
2600:1f18:612b:4200:3aa:8894:1069:c551
2600:9000:20eb:b800:19:7d10:bd80:93a1
2600:9000:20eb:d400:18:1fcd:34f:cdc1
2600:9000:2104:4a00:6:3e38:9800:21
2600:9000:2104:b200:6:44e3:f8c0:93a1
2600:9000:21f3:1c00:17:5c81:fb80:93a1
2600:9000:21f3:3a00:13:c079:7880:93a1
2606:4700:10::6816:1857
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:802::2004
2a00:1450:4001:803::200a
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:2638::1c
2a02:fa8:8806:13::1400
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.143.157
3.126.220.154
3.126.56.137
34.120.133.55
34.98.64.218
35.156.78.196
35.241.40.233
35.244.174.68
37.157.4.23
37.252.172.36
51.210.112.236
52.19.154.16
52.202.228.151
52.205.83.58
52.208.103.128
52.208.210.171
52.28.203.152
52.30.148.233
52.46.130.91
52.59.115.28
52.84.44.170
52.84.45.121
54.186.42.192
54.194.211.3
54.87.192.123
54.88.105.93
54.90.144.255
64.202.112.127
65.9.73.18
65.9.73.23
65.9.73.41
65.9.78.118
69.173.144.139
70.42.32.95
76.223.111.18
02ebcc5f89ddb5ffe49ba56d3440cdc6892859b2004548cf1b53189896164932
030d7c998269627b04c6d9fdc96c2a704c4c7d00142a598635555227589311cc
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
060ea0ac3c4e50f805673b0f458b0b2a671cb6b3cae6d4a537c683a26356e834
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a9beef5ee6896e9bc44d1bdaee3d5e5391fc88b9fff13993d23e59ceb37f8a0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c4a6e852dacaa95701c33001ec71f74850f06ae6eb90e625d24737326cf7994
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0ed8aa0254183d470b8cdb2af9390b8a3c665c2df20781c751ee0e4035c36168
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10eb0d993f73e9302344725ed4e59deba677c020bc510edad479d057e6f1d05d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1385a1b4e302c35b69c4264a59cfb51244eff272631291e996feb2a7d956f25f
1392069733eb4c6d6df8d79771ff6a86d03d5b21ae55296054c370e744864802
13dc7983f0f20952c727e55aeac98d6c5f8a78425822870190ec747a7448e6ad
163954c4821b36836cef3f5c69240a1d0c234418a2b6b6d69558ae196c8dfdf4
1844b83d89f8ad298b8f7496a9d793dee535781736b8e12e886f3acbffd69dcc
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f31fbd6c353cda90b0acbfcc0a8f3beb7051e216bb4d9b8007816f58941c44a
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
281ebcf418fe495868ff63157a5780d68b4f52452b1c210557a4305d72447ad1
2bd891156214f92463ac5242f1baa7a1db087992fd54d78cc939a99b10f0856a
2ccd8fcc4e2192f8357210525c1ebcc55343bc710c87e7dc5c198e540b4d3203
2d0c068778f9ddf50cfd9b3ba3dae7d045cad544b1b9efabeb647bef10fa170c
31dc5ab8323d97d4c0afea8a8d1b3d52f3d64e35f70bc7802519f0ee4cc39a6a
33d0055d1b702fe9fbad04895ac749f4b960b461ec4b1969d24535df841016fc
33e9f9cc059fb6ebb5391be831cd5f413311085f697d0ff920501f750de7971d
37498a8e0dc72bfd2ca25db11c1757695609c9a352bf3e05ddb71628dc4b217e
37fbc56848d8a6f47f63521ede0688ab5769b28faecbd34e9fecbfc9e1dcd029
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3d45e17edaa2bd0c9d3de3f020b1a890f8a6fd81ea69cd1a9aa26f7a89054da5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4121372dac2d72f2debea8d91e375c525cb66249dd1812aa1f67ddf999c17c05
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4691b46e5ed0f4452b0b1a0651408350fc5d99a1b17b71e64602d2353f8b8109
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f0843f79cffa9ff89aff9dce8cf1b00bcbfdcb4ff4b5bc04d1ed067b67edd1
4afecaa473d14d021d631ed55b529c72e2ca6614da1de0b3b995a801c5872f63
4b375fd81efc46a2aa06055ad2ab2b1f7ea3b524a52396c746e7313447b55a61
4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51f304d81d7c53907c11bf1fd42ec6b9631e35163bccde1f6b176b104ef7eacb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55bc7f344301bb4134213fdd47aa1f03dcd41ca5f1164fa61893c00ba4b94bc1
5752a3425159ff555cb77ed0b34e5727ccf227b3e7f6dc3c4d01d21eb9a158ed
5a0c72ca12bddce31f01a7b21048970cbf8225b7b6257b51fe62835ba67e12f9
5ec901495f68ec38ecf49ec132c8ffaeed049bc7865691a539ebd01f074dfa94
5fa8481878b49167133eff726e4ab736239b15e171b6c668718f63e29165eb2e
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6276ef44e1b039a72a40be45493677f307cd6788f0db0c7a384006375ffd2b3d
6401f2e25898c6034f2b33dead7f4f3d57fa4b23e63b04df6efe1e0df1271131
669a7761d32471eec3ff2fbaf0836575a15ab8616e6ad72a9cd3578dcb86d0de
66e15eee954519921a7153ab235ea09cd92cac7f8beae4eedb1ec4eb26df3458
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be2d3525ac65706af2673badcb5232afe47ae9e1bf5099948db1f767565b8b7
71108fc3ed6547574504446a633969af8f709d6bc30b75301c43a3ff1d61d6b4
72f303712229aedd969de04a9bae84be2c9c0f7e22a3387499474df19de0e9c6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
79cc39ab51de99510d98e22dfc56bd456b3ffbb29671e3d2e61719ee50792565
7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c
7d868f0fc96c8639f7dc7d79e5921917e5148074e6502b5383ce120b1e3f3ce1
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
813da193d2491df516bbda18ec2172783c70b3ee25e755348588c2f71db674da
8142b23b08d6b668705c31424ce4f71db119128a5b56d29a985cccedf675f66e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
877c08ad97253f76277c2e8b38beec5c407f25b3bbc2bc59647eeaa33508d228
877caf9b036f02e5fdcff276cd942fb542b3335f698b8ea172d287c529c0001c
883e29abad1c269bf9efc4d908a69cfd872469bddc6321714c89f641b9b8967c
88d66dd235a51db8964750afb6766283c32d0a0e0f07f310a13b13935b4ddb7b
89333ea77c09ad38607e6ea817a20f0cd3eed25e6f992a2c710c7514084656db
8938c578cb609a095da3e62c54aa6a8a2b278561bb51eeb98b4dd714181162a8
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a106b8652b91ab3ac437fa477ffbe98af9fb3db2456128af897ab098c52349e
8cc2e0240761836b85800156847304dee1879ccd514846733fb710cdb830c5ae
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91c52f74446960de5f120555da753975d717c24ac3c101c696d3d9aa764ce49c
91eb2998154e2d85718ebf126a15dd2bc043c29f1b9af4192e9ed600bab9046b
9270785b7bdfb22633fbabd7e1ad13ffc06bc99ec0955e68f62c983ff529e7b1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
999a1f816dc7558feadba3fcdb682a974851a11b7d9b3c6386f288b62a2650e4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c02528f819b69389ef0aec070ad2d9ccdb1f312a7e821995f101bf260f3adfc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a492c608a17e551b2718602bc34222f0952188b42127595afcafd5b86f23323c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a734a9ed391eabb9b4ce0a6db4ab199bd03abee8bbe756b3917c81d4062662dd
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a900d6393129a670d397bbaa2a15ec0cbfda01b22d9bacb4ce2d1f4bf6c77ca2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2482d7fb3fbb58fa8c029b7237aaacde13628966abbcc74a76a565da23eec40
b559bcc186aaab30f3995f33ceb09f366a89df958d3903d68bcabc75f3cfcff0
b5b7a750630ae55f522395642f16a3a13a3d43e27679ec65dfd4737f46ff3ea5
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8bce86865b37d63bc547996728b11fd6d80ddfcc926ef00038749570219a78c
ba302e46d9c96068219a0b2391af3e44a1e5f8b1f6c5a880c6ab008ddc7d854a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c04789a4fbbb25f63ccd19d28273ff5530c60a3e46fb6d78f45dff3459a1ad53
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d7e02d38961a14eb6593672d7dca6719efd1f9f907ecb9a3397a884cea8642
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c57668d799c05b305d72263688290fbfd9d4f7ec2e86cfece76501bc4da3c85a
c7d3fd3b472734275f5326d71a9bd9f92132a99526af56642ca920c9ad981562
c8804f79c4dc4d92da7ef9e8940574296a91e895a26a281d9b661d1949e67d6b
c8965c190e3d63121553f0f8af08d24178fcb4ed5745252627b882d2c6f4eb44
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6e6e7f929f310bc6bc0a087d7a9b34314104917001c9a9947aaf1622e61663
cffabe0948ab31d5e6574c15c4e0d494ecc146d91cd0434d684c9ace31f9c068
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
df60f2af3195129f46caa850374e3d6095424a40f529811ebba7cfeabb7bd3c2
e27b7e86082eae3822f7182bcc00a3b03272b9bb62c54a388588c15e79b401de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e522aef7f4a48d6be72e5cd47ace8dfa736df9728c1c4c1af30cf57d869b9df6
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
ecb21dfcccca26bfa76080c5e80c2f6a56deb4510378f9e99cfccf090ced00ec
ee8a7b1f8ee4f795df728f703b21ba03148b32a44c724348205926adb1c720e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0baed7b640416225f22ce166314bc89ec44cda300fa1d3626dffed70edde7ca
f51278e5dc725439bb4feea142914eb646127b5bb1b1b0e64cdff601f4aa11bf
f552ba1d7c4557836e064793708dbf89c980811eb7b0c06f081145ae0a8df367
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
ffcedaf21dc62b75ab720ed6ddef08aa642408c244f3c34759549115e8cffa4b

www.flomarching.com Open in urlscan Pro 151.101.130.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

299 Requests

100 %HTTPS

29 %IPv6

75 Domains

119 Subdomains

89 IPs

10 Countries

3107 kBTransfer

8368 kBSize

54 Cookies

5 Outgoing links

Page URL History

Redirected requests

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.flomarching.com Open in urlscan Pro
151.101.130.114 Public Scan

Screenshot
Live screenshot

Full Image

299
Requests

100 %
HTTPS

29 %
IPv6

75
Domains

119
Subdomains

89
IPs

10
Countries

3107 kB
Transfer

8368 kB
Size

54
Cookies

299 HTTP transactions
2 data transactions