www.xxlmag.com Open in urlscan Pro
192.229.233.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xxlmag.com/
Effective URL:
https://www.xxlmag.com/
Submission: On July 27 via manual (July 27th 2022, 8:15:08 am UTC) from US — Scanned from DE

Summary HTTP 334 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 84 IPs in 10 countries across 66 domains to perform 334 HTTP transactions. The main IP is 192.229.233.172, located in United States and belongs to EDGECAST, US. The main domain is www.xxlmag.com. The Cisco Umbrella rank of the primary domain is 193827.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 3rd 2022. Valid for: 4 months.

This is the only time www.xxlmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	192.229.233.172 192.229.233.172	15133 (EDGECAST) (EDGECAST)
32	192.229.144.129 192.229.144.129	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:8600:7:7419:8e80:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4	192.229.233.218 192.229.233.218	15133 (EDGECAST) (EDGECAST)
8	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f20... 2a03:2880:f207:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
3	23.206.210.112 23.206.210.112	16625 (AKAMAI-AS) (AKAMAI-AS)
6	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
4	104.96.149.237 104.96.149.237	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	18.193.53.70 18.193.53.70	16509 (AMAZON-02) (AMAZON-02)
3	35.157.192.91 35.157.192.91	16509 (AMAZON-02) (AMAZON-02)
5	34.252.153.54 34.252.153.54	16509 (AMAZON-02) (AMAZON-02)
6 12	185.89.210.181 185.89.210.181	29990 (ASN-APPNEX) (ASN-APPNEX)
3	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
6	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
15	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
12 27	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.32.110.60 13.32.110.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	143.204.215.49 143.204.215.49	16509 (AMAZON-02) (AMAZON-02)
1	92.123.36.4 92.123.36.4	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1 3	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6812:a4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.215.108 143.204.215.108	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
6	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:214... 2600:9000:214f:b200:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
8	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.32.27.88 13.32.27.88	16509 (AMAZON-02) (AMAZON-02)
3	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
3	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	18.184.174.1 18.184.174.1	16509 (AMAZON-02) (AMAZON-02)
3 3	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6 6	52.57.39.168 52.57.39.168	16509 (AMAZON-02) (AMAZON-02)
12 13	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
12	54.225.165.83 54.225.165.83	14618 (AMAZON-AES) (AMAZON-AES)
2 8	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
3	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
4 8	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
5 9	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.151.213 34.111.151.213	15169 (GOOGLE) (GOOGLE)
2 2	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
2	63.251.232.165 63.251.232.165	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	52.213.169.152 52.213.169.152	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	23.21.82.230 23.21.82.230	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.205.21.143 34.205.21.143	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:b7de:b03a:b6d2:ca61	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
334	84

25 192.229.233.172 (United States) 1 redirects

ASN15133 (EDGECAST, US)

www.xxlmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 192.229.144.129 (United States)

ASN15133 (EDGECAST, US)

townsquare.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8600:7:7419:8e80:21 (United States)

ASN16509 (AMAZON-02, US)

doi3unldljdx6.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.233.218 (United States)

ASN15133 (EDGECAST, US)

cdn.production.townsquareblogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f207:e5:face:b00c:0:4420 (Vienna, Austria) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.96.149.237 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-149-237.deploy.static.akamaitechnologies.com

cdn.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

api.conversant.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.53.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-53-70.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.192.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-192-91.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.252.153.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-153-54.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.210.181 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

townsquaremedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.18.18.126 (None, ) 12 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.110.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-60.vie50.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-49.fra53.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

5352434.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:a4f (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:b200:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-88.fra56.r.cloudfront.net

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.174.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-174-1.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.129 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.57.39.168 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-39-168.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.156.0.31 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.240.210 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.225.165.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-165-83.compute-1.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.214.206.247 (United Kingdom) 3 redirects

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.46.128.147 (Ashburn, United States) 5 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.169.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-169-152.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.82.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-82-230.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.21.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-21-143.compute-1.amazonaws.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:b7de:b03a:b6d2:ca61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	townsquare.media townsquare.media — Cisco Umbrella Rank: 20648	1 MB
31	casalemedia.com 12 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 1305 htlb.casalemedia.com — Cisco Umbrella Rank: 553 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460 r.casalemedia.com — Cisco Umbrella Rank: 770 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 dsum.casalemedia.com — Cisco Umbrella Rank: 1250	25 KB
29	rubiconproject.com 9 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 516 eus.rubiconproject.com — Cisco Umbrella Rank: 598 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1045 pixel.rubiconproject.com — Cisco Umbrella Rank: 333 token.rubiconproject.com — Cisco Umbrella Rank: 703	50 KB
25	xxlmag.com 1 redirects www.xxlmag.com — Cisco Umbrella Rank: 193827	823 KB
18	undertone.com hb.undertone.com — Cisco Umbrella Rank: 3382 cdn.undertone.com — Cisco Umbrella Rank: 6190 usr.undertone.com — Cisco Umbrella Rank: 4574	12 KB
18	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 3541 sync.serverbid.com — Cisco Umbrella Rank: 7174 x.serverbid.com — Cisco Umbrella Rank: 8458	7 KB
18	amazon-adsystem.com 7 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 s.amazon-adsystem.com — Cisco Umbrella Rank: 287 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294	52 KB
15	yahoo.com 13 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 285 ads.yahoo.com — Cisco Umbrella Rank: 1462 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473	3 KB
14	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 5352434.fls.doubleclick.net — Cisco Umbrella Rank: 72669 ad.doubleclick.net — Cisco Umbrella Rank: 202 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	133 KB
13	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 505 ads.pubmatic.com — Cisco Umbrella Rank: 485 image6.pubmatic.com — Cisco Umbrella Rank: 634 image8.pubmatic.com — Cisco Umbrella Rank: 587	35 KB
12	openx.net townsquaremedia-d.openx.net — Cisco Umbrella Rank: 33420 u.openx.net — Cisco Umbrella Rank: 718 rtb.openx.net — Cisco Umbrella Rank: 1686 us-u.openx.net — Cisco Umbrella Rank: 391	2 KB
12	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	10 KB
12	google.com apis.google.com — Cisco Umbrella Rank: 164 www.google.com — Cisco Umbrella Rank: 10 accounts.google.com — Cisco Umbrella Rank: 118 adservice.google.com — Cisco Umbrella Rank: 96	223 KB
11	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	3 KB
11	gstatic.com fonts.gstatic.com ssl.gstatic.com	83 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	127 KB
7	consensu.org cdn.conversant.mgr.consensu.org — Cisco Umbrella Rank: 25017 api.conversant.mgr.consensu.org — Cisco Umbrella Rank: 26220	199 KB
6	advertising.com 6 redirects pixel.advertising.com — Cisco Umbrella Rank: 851	1 KB
6	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 811	1 KB
6	media.net prebid.media.net — Cisco Umbrella Rank: 1348 contextual.media.net — Cisco Umbrella Rank: 515	25 KB
6	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2234 sync.go.sonobi.com — Cisco Umbrella Rank: 1017	4 KB
6	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 635 eb2.3lift.com — Cisco Umbrella Rank: 400	2 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 668 syndication.twitter.com — Cisco Umbrella Rank: 871	152 KB
5	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1549	5 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	335 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	197 KB
4	townsquareblogs.com cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 36679	103 KB
4	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 585	18 KB
3	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 579	573 B
3	admanmedia.com 3 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1644	1 KB
3	rfihub.com 3 redirects p.rfihub.com — Cisco Umbrella Rank: 771	2 KB
3	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 940	99 B
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 699	831 B
3	solutionshindsight.net static.solutionshindsight.net — Cisco Umbrella Rank: 24383	28 KB
3	kargo.com krk.kargo.com — Cisco Umbrella Rank: 2356	2 KB
3	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1682	37 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 6709 www.instagram.com — Cisco Umbrella Rank: 962	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 640	644 B
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1512	816 B
2	dyntrk.com 2 redirects gu.dyntrk.com — Cisco Umbrella Rank: 1358	850 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1308	1 KB
2	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 5344	408 B
2	dstillery.com 2 redirects action.dstillery.com — Cisco Umbrella Rank: 5733	351 B
2	btloader.com btloader.com — Cisco Umbrella Rank: 1186 api.btloader.com — Cisco Umbrella Rank: 1300	12 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5701 adservice.google.de — Cisco Umbrella Rank: 8252	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	78 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1373	15 B
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 922	164 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 371	710 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 452	505 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 824	425 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 4309	399 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1224	35 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 186
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 735	380 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1893	348 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 546	1 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 141	2 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1215	5 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	56 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 15076	622 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 822	360 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	28 KB
1	net. doi3unldljdx6.cloudfront.net.	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
334	66

	Domain	Requested by
32	townsquare.media	www.xxlmag.com doi3unldljdx6.cloudfront.net.
25	www.xxlmag.com	1 redirects www.xxlmag.com doi3unldljdx6.cloudfront.net.
13	ups.analytics.yahoo.com	12 redirects r.casalemedia.com
12	usr.undertone.com	cdn.undertone.com r.casalemedia.com
12	ssum-sec.casalemedia.com	9 redirects js-sec.indexww.com
12	ib.adnxs.com	6 redirects cdn.production.townsquareblogs.com cdn.undertone.com
11	dsum-sec.casalemedia.com	3 redirects r.casalemedia.com
11	match.adsrvr.org	js-sec.indexww.com sync.serverbid.com cdn.undertone.com r.casalemedia.com
9	s.amazon-adsystem.com	5 redirects r.casalemedia.com
9	e.serverbid.com	cdn.production.townsquareblogs.com sync.serverbid.com
8	cm.g.doubleclick.net	4 redirects r.casalemedia.com
8	pixel.rubiconproject.com	2 redirects cdn.undertone.com
8	eus.rubiconproject.com	doi3unldljdx6.cloudfront.net. eus.rubiconproject.com cdn.undertone.com
8	apis.google.com	www.xxlmag.com doi3unldljdx6.cloudfront.net. www.youtube.com accounts.google.com apis.google.com
7	www.youtube.com	doi3unldljdx6.cloudfront.net. www.youtube.com
6	pixel.advertising.com	6 redirects
6	x.serverbid.com	sync.serverbid.com
6	ads.pubmatic.com	doi3unldljdx6.cloudfront.net. sync.serverbid.com
6	ssl.gstatic.com	accounts.google.com www.xxlmag.com
6	fastlane.rubiconproject.com	cdn.production.townsquareblogs.com
6	onetag-sys.com	cdn.production.townsquareblogs.com doi3unldljdx6.cloudfront.net.
6	c.amazon-adsystem.com	www.xxlmag.com c.amazon-adsystem.com
5	g2.gumgum.com	cdn.production.townsquareblogs.com
5	fonts.gstatic.com	fonts.googleapis.com
4	token.rubiconproject.com	4 redirects
4	cdn.conversant.mgr.consensu.org	doi3unldljdx6.cloudfront.net. cdn.conversant.mgr.consensu.org
4	www.facebook.com	www.xxlmag.com doi3unldljdx6.cloudfront.net.
4	connect.facebook.net	www.xxlmag.com doi3unldljdx6.cloudfront.net.
4	platform.twitter.com	www.xxlmag.com doi3unldljdx6.cloudfront.net.
4	cdn.production.townsquareblogs.com	www.xxlmag.com cdn.production.townsquareblogs.com
4	js-sec.indexww.com	www.xxlmag.com doi3unldljdx6.cloudfront.net.
3	aax-eu.amazon-adsystem.com	2 redirects
3	pixel-sync.sitescout.com	cdn.undertone.com
3	image8.pubmatic.com	cdn.undertone.com
3	cs.admanmedia.com	3 redirects
3	us-u.openx.net	cdn.undertone.com
3	secure-assets.rubiconproject.com	3 redirects
3	r.casalemedia.com	cdn.undertone.com
3	sync.go.sonobi.com	sync.serverbid.com
3	rtb.openx.net	sync.serverbid.com
3	p.rfihub.com	3 redirects
3	cs.emxdgt.com	sync.serverbid.com
3	ap.lijit.com	sync.serverbid.com
3	contextual.media.net	doi3unldljdx6.cloudfront.net.
3	sync.serverbid.com	doi3unldljdx6.cloudfront.net.
3	u.openx.net	doi3unldljdx6.cloudfront.net.
3	cdn.undertone.com	doi3unldljdx6.cloudfront.net.
3	eb2.3lift.com	doi3unldljdx6.cloudfront.net.
3	static.solutionshindsight.net	doi3unldljdx6.cloudfront.net.
3	hb.undertone.com	cdn.production.townsquareblogs.com
3	htlb.casalemedia.com	cdn.production.townsquareblogs.com
3	prebid.media.net	cdn.production.townsquareblogs.com
3	townsquaremedia-d.openx.net	cdn.production.townsquareblogs.com
3	hbopenbid.pubmatic.com	cdn.production.townsquareblogs.com
3	apex.go.sonobi.com	cdn.production.townsquareblogs.com
3	tlx.3lift.com	cdn.production.townsquareblogs.com
3	krk.kargo.com	cdn.production.townsquareblogs.com
3	api.conversant.mgr.consensu.org	cdn.conversant.mgr.consensu.org
3	secure.cdn.fastclick.net	www.xxlmag.com secure.cdn.fastclick.net doi3unldljdx6.cloudfront.net.
3	www.google-analytics.com	www.xxlmag.com www.google-analytics.com
2	sync-tm.everesttech.net	2 redirects
2	cm.adgrx.com	r.casalemedia.com
2	gu.dyntrk.com	2 redirects
2	ad-delivery.net	www.xxlmag.com
2	action.media6degrees.com	www.xxlmag.com
2	action.dstillery.com	2 redirects
2	5352434.fls.doubleclick.net	1 redirects doi3unldljdx6.cloudfront.net.
2	accounts.google.com	doi3unldljdx6.cloudfront.net. www.xxlmag.com
2	www.googletagmanager.com	doi3unldljdx6.cloudfront.net.
2	syndication.twitter.com	platform.twitter.com www.xxlmag.com
2	i.clean.gg	doi3unldljdx6.cloudfront.net.
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	cdn.taboola.com	www.xxlmag.com doi3unldljdx6.cloudfront.net.
2	www.instagram.com	1 redirects www.xxlmag.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com
1	px.ads.linkedin.com
1	pixel.quantserve.com	1 redirects
1	ad.turn.com	1 redirects
1	s.company-target.com	1 redirects
1	rtb.adentifi.com	r.casalemedia.com
1	dpm.demdex.net	r.casalemedia.com
1	bttrack.com	r.casalemedia.com
1	dsum.casalemedia.com	r.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	id5-sync.com
1	api.btloader.com	btloader.com
1	adservice.google.de	adservice.google.com
1	ad.doubleclick.net	www.xxlmag.com
1	sb.scorecardresearch.com	doi3unldljdx6.cloudfront.net.
1	adservice.google.com	5352434.fls.doubleclick.net
1	btloader.com	doi3unldljdx6.cloudfront.net.
1	www.google.de	www.xxlmag.com
1	www.google.com	www.xxlmag.com
1	a.teads.tv	doi3unldljdx6.cloudfront.net.
1	stats.g.doubleclick.net	www.google-analytics.com
1	pagead2.googlesyndication.com	doi3unldljdx6.cloudfront.net.
1	as-sec.casalemedia.com	js-sec.indexww.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	api.rlcdn.com	js-sec.indexww.com
1	platform.instagram.com	1 redirects
1	www.googletagservices.com	www.xxlmag.com
1	doi3unldljdx6.cloudfront.net.	www.xxlmag.com
1	fonts.googleapis.com	www.xxlmag.com
334	105

This site contains links to these domains. Also see Links.

Domain
shop.xxlmag.com
www.instagram.com
twitter.com
youtube.com
www.facebook.com
www.townsquaremedia.com
www.youtube.com

Subject Issuer	Validity	Valid
www5.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-10-27`	4 months	crt.sh
www6.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-13` - `2022-10-27`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
www8.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-14` - `2022-10-28`	4 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
cdn.conversant.mgr.consensu.org R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-24` - `2023-06-23`	a year	crt.sh
*.conversant.mgr.consensu.org GlobalSign RSA OV SSL CA 2018	`2022-05-12` - `2023-06-13`	a year	crt.sh
*.dev.kargo.com Amazon	`2022-03-01` - `2023-03-29`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.consumableaudio.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.undertone.com Amazon	`2021-10-04` - `2022-11-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
solutionshindsight.net Amazon	`2022-01-20` - `2023-02-18`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-06-22` - `2022-09-20`	3 months	crt.sh
sync.serverbid.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io Amazon	`2021-10-20` - `2022-11-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://www.xxlmag.com/
Frame ID: A81981D718841F673E3E3FCB83DF62C5
Requests: 177 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: DD8BA651952AEDCF2CBCABF5D92429E1
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwww.xxlmag.com
Frame ID: EC374D154BEA175B89067C63DC2081E8
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9535AC725D9C1E3377ED38C88EB47EE5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwww.xxlmag.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Frame ID: 28E1E30C4FBC0ED7A3A79B009FA85924
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html
Frame ID: 930DB6042F3CE46A25B58A87C380D735
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.xxlmag.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Frame ID: 6AAF550DD733AC50ED9A2C3EAF3D12DD
Requests: 5 HTTP requests in this frame

Frame: https://5352434.fls.doubleclick.net/activityi;dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F
Frame ID: 11A5B60B93DBB3C98FE47FE281A61C79
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
Frame ID: E25420E4394C04292CDD8B19D1B3C3BF
Requests: 4 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F
Frame ID: 8BE6B0EF44A8669FDB6907AFF926999D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F
Frame ID: 8AADDC30178B2F02789F016D2AA5A51F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=184854740153433&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4b953e456824%26domain%3Dwww.xxlmag.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.xxlmag.com%252Ff42c68dfd55598%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fxxlmag&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: FB4AA62B8AC4FF7C425F13A24F5D46AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 5076F30184DE8F7FBE50F21EB1E9C1A1
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 836A265BC60C72A8B47693667F777FF5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 68549A49196D3D46A0FEC00A829126CA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 473711CE9C5B17DC0F289E284AF72A97
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: AFD5C942798592DFF93807D2D318A2A9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 08ACDE316E952C315D476A6755E4DDA3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 76EF7452A3671A2693E0FF5F781D1472
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7463D2B41765F5B2090D7112241CE9DB
Requests: 10 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: E872A2BAA72AF8D0F7DF384618605CD2
Requests: 10 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 758554CD9B0656651509B5969669768E
Requests: 10 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 1CCA0747DD3A827B226EF7C5A54817CE
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 243C5FBD139B2A3DBFAF204651DDA65D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 45143DFBAA4C5C835175B351A12B9491
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CEB1922190528008A3A358E2725626DA
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 006F7E40DFD27F50259EA4F956067FD6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1658909701796
Frame ID: 654B6DE832145FDF605188E087299A0A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1658909701841
Frame ID: C2F41B8CD7F626771075BABD86928708
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D0FEAED144906B6C03AB2AF882B1BC5C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: DD4140976C46AC052522975BC99850EB
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1658909701570
Frame ID: AF6DF929D831338A2205F61C6203408B
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: CCA6F566E9971600D85CDB3FF54E7095
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 90F8BC8346A0AC9ACA87F23A683AE7A6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0B6CB5AB806607A4BD7B819036CF5503
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 2EDA7842CE042EA112431AB4C5BDD7AD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 5A56B710544A1F3C7A6E99AC9D1E260D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwww.xxlmag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 31F9F99C1E97ECC6FDC98A76525364A4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwww.xxlmag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E5448AE111DC33C5AEFE2D3EB8FFBBBD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: C8E10EA45A89D1C23776E146CBF42B6F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 51143C69067C412CA0D5ACAB09AFBBB2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 38BC2689335C3F20381440FB906CCB54
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 0AC43CD120E40A8249AA9FCD116DEE23
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 5AA36C616AC241557A556BE3DD823ABF
Requests: 3 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 52506E42EA9D2726A2A3B5FE01114672
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: ABCD02E010624538214C6EF19B2A2F78
Requests: 2 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 684C025E35B31C5C3BD40DD5877FC556
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: FC84AE8B0323CF2166214E96018733C7
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwww.xxlmag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 89FEA4163A676AAFAAF61ED71E3C520D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hip-Hop News, Rap Music - XXL

Page URL History Show full URLs

http://www.xxlmag.com/ HTTP 301
https://www.xxlmag.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

334
Requests

87 %
HTTPS

34 %
IPv6

66
Domains

105
Subdomains

84
IPs

10
Countries

4113 kB
Transfer

10205 kB
Size

60
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://shop.xxlmag.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.instagram.com/xxl
Title: Visit us on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/XXL
Title: Visit us on Twitter

Search URL Search Domain Scan URL

URL: https://youtube.com/user/XXLMagazine
Title: Visit us on Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/xxlmag
Title: Visit us on Facebook

Search URL Search Domain Scan URL

URL: http://shop.xxlmag.com/?ref=rrad

Search URL Search Domain Scan URL

URL: http://www.townsquaremedia.com/national-media/advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/XXLMagazine
Title: Visit us on Youtube

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/
Title: , Townsquare Media, Inc

Search URL Search Domain Scan URL

URL: https://www.townsquaremedia.com/privacy-policy
Title: privacy policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xxlmag.com/ HTTP 301
https://www.xxlmag.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 168

https://5352434.fls.doubleclick.net/activityi;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F HTTP 302
https://5352434.fls.doubleclick.net/activityi;dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F

Request Chain 188

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24

Request Chain 189

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

Request Chain 233

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5141210821205561252

Request Chain 234

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151

Request Chain 236

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677

Request Chain 238

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

Request Chain 241

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921364264866

Request Chain 242

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151

Request Chain 244

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677

Request Chain 246

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

Request Chain 251

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5131077722073015856

Request Chain 252

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151

Request Chain 254

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8245237639611412181

Request Chain 256

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

Request Chain 260

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 261

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 264

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A

Request Chain 267

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9

Request Chain 270

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A

Request Chain 273

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A

Request Chain 276

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9

Request Chain 279

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A

Request Chain 280

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 281

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 284

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A

Request Chain 287

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9

Request Chain 290

https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A

Request Chain 291

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Request Chain 292

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 297

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuD0CYfqjmdhh0oqvKCpZgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKFo6sMBgVD9_oJjVrcpNbo&google_cver=1&gdpr=1

Request Chain 298

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

Request Chain 300

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=dad221fa-e63d-540f-1c0efae4

Request Chain 301

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 307

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuD0CYfqjmdhh0oqvKCpZgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRnzVDeyrrmnxJLWv6mX14&google_cver=1&gdpr=1

Request Chain 308

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

Request Chain 311

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YuD0CQAB8v09UwA0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuD0CQAB8v09UwA0&gdpr=1&_test=YuD0CQAB8v09UwA0

Request Chain 315

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuD0CYfqjmdhh0oqvKCpZgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAlXUHSleAqmrRX7w9fZns&google_cver=1&gdpr=1

Request Chain 317

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

Request Chain 320

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1674807305&external_user_id=05f9afd7-22d0-4996-9349-8c2eec390d40

Request Chain 321

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587930079359360360

Request Chain 322

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jMoNfdzMWHSXmQp43JpFLIybC32XylAojc9ImmeS

Request Chain 324

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63C05V4-26-K9XE

Request Chain 325

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63C05V4-26-K9XE&sigv=1&esig=2~ce624573bf885108184b05a00f60dc7331946b62

Request Chain 326

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK7xbk74pbgryG-ZYiHTwks&google_cver=1

Request Chain 327

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQzA1VjQtMjYtSzlYRQ==

Request Chain 328

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/KjkVlus374Jt9qzAm53g2cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3327010579581842242

Request Chain 329

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MVUTLM9qSqmEsWBGlCjUIA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MVUTLM9qSqmEsWBGlCjUIA

Request Chain 330

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LlWn9Ss-RjGShQjJbSomBA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LlWn9Ss-RjGShQjJbSomBA

334 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xxlmag.com/
Redirect Chain

http://www.xxlmag.com/
https://www.xxlmag.com/

312 KB
55 KB

543ms
428ms

Document
text/html

192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

6716d90fdd2991bf68fa2431ac68ad23adf43f2b74d9e2687b330f1a05bd6056

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 213
cache-control: no-cache
content-encoding: gzip
content-length: 56342
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 08:14:58 GMT
etag: W/"4de16-uLaZCIHBj6QkG3WDG2Xm4A"
expires: Wed, 27 Jul 2022 08:14:57 GMT
gdpr-source: DE
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: B
x-cache: HIT
x-device: desktop
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-ua-device: desktop
x-varnish: 437986177 437951074

Redirect headers

Cache-Control: no-cache
Content-Length: 178
Content-Type: text/html
Date: Wed, 27 Jul 2022 08:14:57 GMT
Expires: Wed, 27 Jul 2022 08:14:56 GMT
Location: https://www.xxlmag.com/
Server: nginx
X-Frame-Options: SAMEORIGIN
gdpr-source: DE

GET
H2 200 base.css
www.xxlmag.com/styles/desktop/ 571 KB
120 KB 39ms
37ms Stylesheet
text/css 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/styles/desktop/base.css?ver=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

c0e83ed4dab659502d6df1046247df45dafe221cb2912af01b1364b209c848b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:14:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56822
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 122762
last-modified: Mon, 25 Jul 2022 16:27:46 GMT
server: ECS (frb/67A7)
etag: W/"8ed58-80N7jU2ffo5I1CdOIXYJ/Q"
x-frame-options: SAMEORIGIN
x-varnish: 424888033
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Wed, 27 Jul 2022 08:14:57 GMT

GET
H2 200 main.bundle.eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163.js Show response
townsquare.media/public/dist/desktop/ 909 KB
236 KB 1819ms
310ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/dist/desktop/main.bundle.eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163.js?mver=299&gver=3

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9ABC) / Express

Resource Hash

d01a432795fc449091f3e7f9e028fd0ec4932b67421b61ac9c91ee1578067048

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56833
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 240756
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (hhp/9ABC)
etag: W/"e32af-182362e633f"
x-frame-options: SAMEORIGIN
x-varnish: 424885152
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 135ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 08:14:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Jul 2022 08:14:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Jul 2022 08:14:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
36ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4379
date: Wed, 27 Jul 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Jul 2022 09:02:00 GMT

GET
H2 200 autotrack.carbon.js Show response
townsquare.media/public/resources/js/ 4 KB
2 KB 1320ms
932ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/autotrack.carbon.js

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AA5) / Express

Resource Hash

17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 42530
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2031
last-modified: Thu, 03 Oct 2019 21:28:38 GMT
server: ECS (hhp/9AA5)
etag: W/"119a-16d938657f4"
x-frame-options: SAMEORIGIN
x-varnish: 1726061522 1725538167
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H2 200 script.js Show response
doi3unldljdx6.cloudfront.net./ 117 KB
41 KB 147ms
43ms Script
application/javascript 2600:9000:214f:8600:7:7419:8e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://doi3unldljdx6.cloudfront.net./script.js
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8600:7:7419:8e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b3e68476513278679da7b0f0c4605f8a39af661f1fba3878d6bbd3530286ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:14:46 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 18:21:39 GMT
server: AmazonS3
age: 223
etag: W/"c8ca424e32cb654763ad0b751141dd60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: iJeHndvzagvekwUPB3414K0ZhpBJoB0xVyFb5I0P8tXppcGCUCzsvg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 130ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f480764f12c8a3e311bfe93091348c19699a2e0f57e03e451d9d7763fcda94e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
server: sffe
etag: "1285 / 3 of 1000 / last-modified: 1658873259"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H/1.1 200
OK 186854-113710634486999.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 176ms
38ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:14:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jul 2022 07:46:50 GMT
Server: Apache
ETag: "da4cca-930b-5e4c49eb2151c"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2089
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12790
Expires: Wed, 27 Jul 2022 08:49:48 GMT

GET
H2 200 pb.js Show response
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 346 KB
102 KB 1014ms
37ms Script
application/javascript 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) / Express

Resource Hash

0e07e8acc84a94cb2f0053c948e714497b063353afe91c38c44609dabfddac8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:14:59 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56821
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop, desktop
x-device: carbon, carbon
content-length: 103728
access-control-allow-origin: *
last-modified: Tue, 26 Jul 2022 16:28:00 GMT
server: ECS (frb/668B)
etag: W/"5689d-C6+a7AOmOFpvTz/UUVRRcA"
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-varnish: 424888720, 1721892628 1721892251
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Wed, 27 Jul 2022 08:14:58 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 141ms
45ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Wed, 27 Jul 2022 08:14:59 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "e961625a9b34a42f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

95ms
46ms

Script
text/javascript

2a03:2880:f207:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H3
Server: 2a03:2880:f207:e5:face:b00c:0:4420 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 05:55:32 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Wed, 27 Jul 2022 08:14:59 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: rva
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 xxl-trimmed-spacing.png
townsquare.media/site/812/files/2017/10/ 15 KB
15 KB 1006ms
619ms Image
image/png 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2017/10/xxl-trimmed-spacing.png

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AB6) / Express

Resource Hash

f55fdfabe595363032c7909158714a72825276b03affb5781386d4f7d1c73d0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:00 GMT
via: 1.1 varnish
age: 20615982
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 15520
last-modified: Thu, 12 Sep 2019 12:52:12 GMT
server: ECS (hhp/9AB6)
x-frame-options: SAMEORIGIN
x-varnish: 936438559
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/png
expires: Wed, 27 Jul 2022 08:14:59 GMT

POST
H2 200 cogitoergosum Show response
www.xxlmag.com/rest/high/api/ 128 B
482 B 141ms
140ms XHR
application/json 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/rest/high/api/cogitoergosum

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

a50854f1ed7f5374ba37a85d251f1577120afbdb4e5c48a196a1fe031b0fd9e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 27 Jul 2022 08:14:58 GMT
etag: W/"80-q2QMeCcuLBgH4+FDH8RSPBYXo34"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 128
expires: Wed, 27 Jul 2022 08:14:57 GMT

GET
H2 200 cmp.bundle.js Show response
townsquare.media/public/resources/js/ 185 KB
46 KB 1319ms
932ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/cmp.bundle.js

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AAB) / Express

Resource Hash

9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:00 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 69049
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 46582
last-modified: Mon, 26 Oct 2020 18:28:52 GMT
server: ECS (hhp/9AAB)
etag: W/"2e534-175662b91b7"
x-frame-options: SAMEORIGIN
x-varnish: 432594793 413383249
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 13 KB
5 KB 132ms
40ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7b5511237fcf94bad2aca9c53a0da15e1795be9377fac8dc44f06afd51113322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 18:00:40 GMT
server: Apache
etag: "33d8-5d5f329e9535b-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 4752
expires: Wed, 27 Jul 2022 08:29:59 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 130ms
43ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 27 Jul 2022 07:55:00 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 1200
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: 9oKnwX3kLZ53X0oXIeeji4FuW5-7PMNK0i-VYzjSfNj9UGx7aQhyDg==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 209ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:14:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 633
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29212
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:07:06 GMT
Server: ECS (frb/67BA)
Etag: "3b16e031477759af620cd0de990c6783+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 123ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb2c182ad912ec66dcb8138774df154a43586e9e3326da371bcd296a7e4ca1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pWvrrpoJR1mAERCyQHeZcQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: HrLoCtIQuvUjU4neOxdY9GD+L0udK3cPYjx7kXEivID4w0m4sv5HA0vH9gtS08UDrgl0ffy1VLkQDpqRQ4mUhQ==
x-fb-trip-id: 686109401
x-fb-content-md5: ea528ccb29a8e9647c7118a0a659506a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 27 Jul 2022 08:14:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8ffd0a697fb914b9cd8d473bbb225f5d"
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:24:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 90ms
39ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26085
x-xss-protection: 0
pragma: public
x-fb-debug: o+cRwYpQLtlVX+VfWxCd/bQpJesC8VxEB3Stb4IEBM7U1t3eS3TgLMGi819GXnowgHJavpI+iRxaer6zyZ4q0g==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 27 Jul 2022 08:14:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/townsquaremediatsm-network/ 95 KB
25 KB 134ms
37ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/townsquaremediatsm-network/loader.js
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 046c5b28b1e8cfdc073965535cacad0d2ae72fa5e29de1f5e7f513d186e2f7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: iBtjD45Y__kXsmtE9mmGdod5cSWox1KG
content-encoding: gzip
etag: "13730a91674e1916aa65eded988eaed5"
age: 27
x-cache: HIT
content-length: 24831
x-amz-id-2: htP2nAMDLxKAoVTl90HRQj8eedSU6FDMWJnj2pYq9JZNbSt+rewN9Pos/x6zDauGZfwKuELuhT4=
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 26 Jul 2022 09:25:35 GMT
server: AmazonS3
x-timer: S1658909700.811858,VS0,VE1
date: Wed, 27 Jul 2022 08:14:59 GMT
vary: Accept-Encoding
x-amz-request-id: R604RVYY6DNB21E0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 1

GET
H2 200 / Show response
cdn.production.townsquareblogs.com/aleph/ Frame DD8B 2 KB
858 B 37ms
37ms Document
text/html 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.production.townsquareblogs.com/aleph/
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.218 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) / Express
Resource Hash: e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27
cache-control: no-cache
content-encoding: gzip
content-length: 708
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:14:59 GMT
etag: W/"7dd-17eb77f2c9a"
expires: Wed, 27 Jul 2022 08:14:58 GMT
gdpr-source: DE
last-modified: Tue, 01 Feb 2022 22:54:32 GMT
server: ECS (frb/675D)
vary: Accept-Encoding
via: 1.1 varnish
x-abgroup: B
x-cache: HIT
x-powered-by: Express
x-varnish: 437982036 437981861

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xxlmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 133624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 19:07:55 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 169ms
82ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xxlmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 23:09:50 GMT
x-content-type-options: nosniff
age: 119109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 23:09:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 180ms
93ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xxlmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 84578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 08:45:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 134ms
47ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xxlmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 142207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 16:44:52 GMT

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin: https://www.xxlmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: font/opentype;charset=utf-8

GET
H2 200 attachment-The-Game-Eminem-Bobby-Shmurda.jpg
townsquare.media/site/812/files/2022/07/ 114 KB
114 KB 1240ms
931ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-The-Game-Eminem-Bobby-Shmurda.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AA2) / Express

Resource Hash

a5d52cbd84443644376ce6d6b707823e7d78cfbc190074f7a4489d836d40848b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:00 GMT
via: 1.1 varnish
age: 52854
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 116928
last-modified: Tue, 26 Jul 2022 17:04:00 GMT
server: ECS (hhp/9AA2)
x-frame-options: SAMEORIGIN
x-varnish: 1722941173
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H2 200 base.css
www.xxlmag.com/styles/desktop/ 571 KB
571 KB 40ms
40ms Image
text/css 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xxlmag.com/styles/desktop/base.css?ver=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/styles/desktop/base.css?ver=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/styles/desktop/base.css?ver=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:14:59 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56578
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 122762
last-modified: Tue, 26 Jul 2022 16:32:02 GMT
server: ECS (frb/67A7)
etag: W/"8ed58-80N7jU2ffo5I1CdOIXYJ/Q"
x-frame-options: SAMEORIGIN
x-varnish: 1721964808
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Wed, 27 Jul 2022 08:14:58 GMT

GET
H2 200 attachment-lupe-fiasco-photo.jpg
townsquare.media/site/812/files/2022/07/ 10 KB
11 KB 1215ms
932ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-lupe-fiasco-photo.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AD1) / Express

Resource Hash

bf2df4df90f6a936b856b7a4638401ac532498c2803f48ee757780383074d47a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:00 GMT
via: 1.1 varnish
age: 1087775
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 10650
last-modified: Thu, 14 Jul 2022 18:04:49 GMT
server: ECS (hhp/9AD1)
x-frame-options: SAMEORIGIN
x-varnish: 2649817508
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H2 200 attachment-Kendrick-Lamar-Fan-Crying.jpg
townsquare.media/site/812/files/2022/07/ 14 KB
14 KB 1215ms
931ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-Kendrick-Lamar-Fan-Crying.jpg?w=540&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9ABC) / Express

Resource Hash

df44e521752c1498e37dfd144919c09af0f4c71f5f8628b8de4809ef270731a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:00 GMT
via: 1.1 varnish
age: 34082
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14010
last-modified: Tue, 26 Jul 2022 22:46:52 GMT
server: ECS (hhp/9ABC)
x-frame-options: SAMEORIGIN
x-varnish: 1727677932 1727654292
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H2 200 attachment-Soulja-Boy-Charleston-White.jpg
townsquare.media/site/812/files/2022/07/ 26 KB
26 KB 1215ms
931ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-Soulja-Boy-Charleston-White.jpg?w=540&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AB0) / Express

Resource Hash

ef89c3ec1fc75a5bae4c42b0ff553520cf4f2918935eeebc6c98c5962f7ac28f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:00 GMT
via: 1.1 varnish
age: 44452
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 26566
last-modified: Tue, 26 Jul 2022 19:52:19 GMT
server: ECS (hhp/9AB0)
x-frame-options: SAMEORIGIN
x-varnish: 1725059625
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:14:59 GMT

GET
H2 200 attachment-Nick-Cannon-Bre-Tiesi.jpg
townsquare.media/site/812/files/2022/01/ 47 KB
47 KB 1214ms
930ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/01/attachment-Nick-Cannon-Bre-Tiesi.jpg?w=540&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9A8F) / Express

Resource Hash

f6071a51bf54257a9d0a3e1b26922e4f9d696c91184d0b60b5c69e49e216dfd2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:00 GMT
via: 1.1 varnish
age: 68185
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 47678
last-modified: Sun, 30 Jan 2022 22:00:39 GMT
server: ECS (hhp/9A8F)
x-frame-options: SAMEORIGIN
x-varnish: 1719087728 1719032610
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:14:59 GMT

POST
H2 200 cogitoergosum Show response
cdn.production.townsquareblogs.com/rest/high/api/ Frame DD8B 128 B
454 B 129ms
128ms Fetch
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

ffc2aa2e3e28393c0bb334c2edc77186295b60d64d6eba3de05072cdd6bc47ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.production.townsquareblogs.com/aleph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
etag: W/"80-veCVyaCipITz2Qt6jI75gyZe/Ws"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: carbon
vary: Accept-Encoding
content-length: 128
expires: Wed, 27 Jul 2022 08:14:58 GMT

POST
H2 200 cogitoergosum Show response
cdn.production.townsquareblogs.com/rest/high/api/ Frame DD8B 128 B
427 B 132ms
132ms Fetch
application/json 192.229.233.218
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.218 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

ffc2aa2e3e28393c0bb334c2edc77186295b60d64d6eba3de05072cdd6bc47ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdn.production.townsquareblogs.com/aleph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
etag: W/"80-veCVyaCipITz2Qt6jI75gyZe/Ws"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: carbon
vary: Accept-Encoding
content-length: 128
expires: Wed, 27 Jul 2022 08:14:58 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 42 KB
15 KB 41ms
40ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a383ecd625c00c3b5051fd8eb6ad8ab4aa40503f4ebc2267338b11931d17875b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 18:00:40 GMT
server: Apache
etag: "a7f8-5d5f329e947c3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 15432
expires: Wed, 27 Jul 2022 08:29:59 GMT

GET
H2 200 pubads_impl_2022072101.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 138ms
40ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

d3112ae98e17f0ef1646d3c2a0dc0d89260387d4575be3f7a73d16dc1b6af5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131903
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 08:37:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jul 2023 07:41:24 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 379 B
805 B 144ms
47ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.xxlmag.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b1732408342ec85a59f7a9b344a7e9775aacbdb1d54f41f6508b50260b7b7d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 08:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 168
x-xss-protection: 0
expires: Wed, 27 Jul 2022 08:14:59 GMT

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 210ms
127ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Jul 2022 08:15:00 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 219ms
125ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.xxlmag.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 27 Jul 2022 08:14:59 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
360 B 139ms
49ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.xxlmag.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 186ms
56ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 01981572acf2d1818efaba772a3a2541df935a8a6d3435a41aa4ff0f38b576c0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 26 Aug 2022 08:14:59 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 294 KB
84 KB 78ms
37ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=35dd2d1c65b95f461ed8a7071b9158c6

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f287cc4748880ac3f8eb861217640350ac9e4002e80081f11a456a2fc7ff74d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.xxlmag.com/
Origin: https://www.xxlmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ub3CaMD7VEhyaCiFls5ICw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85963
x-fb-rlafr: 0
x-fb-debug: 8qQ2+7BGc2EScZwaomK+Ans+/bEvZtfDT4bosUi8QP+5mANX5+bQ3xNmf2j7M+4tPvUXVt9iMfk4HZdBT6R7dg==
x-fb-content-md5: b75181fb25cf420d6e4b07fb9c0dcfac
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 27 Jul 2022 08:14:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "fa896b16f5ce28e6d0ee0a137e0d4e7f"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 26 Jul 2023 22:39:36 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 248 B
605 B 38ms
37ms XHR
application/json 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fwww.xxlmag.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:09:09 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
server: Server
age: 7549
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-length: 248
x-amz-cf-id: z0eE71If1uljMffStclygG-s_UnzIEMZaU7wBsHQEIFN-FroGU1-7w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 117ms
40ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 16137
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Wed, 27 Jul 2022 03:46:03 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ihq4Ip_bfd9aCpefu9QY1PjzVnN87NL6_iGOFZ0fQXUsoxWfZbxNsg==

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 415 B
622 B 165ms
40ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.0&lid=336
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.xxlmag.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 415
expires: Wed, 27 Jul 2022 08:44:59 GMT

GET
H2 200 631470830669776 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/631470830669776?v=2.9.66&r=stable

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e771a626b910fcbd97ad2a1958e4298c913c60b6ee7ab26de765987dae7535c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86177
x-xss-protection: 0
pragma: public
x-fb-debug: eymIRasY3SFY1fxWYwV7U4loEDYGs1MI0ASHw1uWFTmyWjEybn3Cn4ZJQbAey67fKIMv+AUPOlsXtzLURP1Peg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 27 Jul 2022 08:14:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 impl.20220726-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 675 KB
140 KB 43ms
43ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220726-3-RELEASE.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83114e06ee7ee9d83fd65c45ecd9f992affae8ec13c66441fe6e9a4be02a8852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 3jHQoEoaGqYb4bMzzm0zjbEPp5mWCfWm
content-encoding: br
etag: "266f8d9553c3cc07c7d39794f6b30952"
age: 26258
x-cache: HIT
content-length: 142608
x-amz-id-2: bDEMF3+13yZfYFIKH4RAegBOTWvBY6g3Vwdvb+ZaNzkqH3zloKW3sKWfXpcKfDnbCealduVz7eQ=
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 26 Jul 2022 08:54:40 GMT
server: AmazonS3-br
x-timer: S1658909700.874131,VS0,VE0
date: Wed, 27 Jul 2022 08:14:59 GMT
vary: Accept-Encoding
x-amz-request-id: 3RYJ95C4C41YC9AP
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 59
x-cache-hits: 15510

GET
H/1.1 200
OK widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html Show response
platform.twitter.com/widgets/ Frame EC37 320 KB
104 KB 41ms
41ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwww.xxlmag.com
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 648336
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Jul 2022 08:14:59 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 19 Jul 2022 20:05:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E2)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 41ms
38ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:14:59 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Wed, 27 Jul 2022 08:29:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 118ms
38ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=631470830669776&ev=PageView&dl=https%3A%2F%2Fwww.xxlmag.com%2F&rl=&if=false&ts=1658909699955&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658909699954.555572911&it=1658909699837&coo=false&rqm=GET

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EC37 580 B
541 B 556ms
147ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3c1056a2806b27bc778226e9f1aa95ee1222ae09

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fwww.xxlmag.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 27 Jul 2022 08:15:00 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 08:15:00 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ad296a84144b84d10f9b7d8705d09b3e666df2c751da9a60575f7f72f7730404
content-length: 260

GET
H2 200 gdpr-cmp-bootstrap.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 307 KB
68 KB 359ms
47ms Script
application/javascript 104.96.149.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-149-237.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:00 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "4cd44-5dd1830eaa2ac-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 69090

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
575 B 174ms
61ms XHR
text/plain 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fwww.xxlmag.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BFeoowlYP3jBBbdSQn6YFLnMi4ImLsrpQ2f9aLeFekcrnttjgf4CMco%2FcIy92VnBwvGfq45Z%2F3Uv33kjgwkBuT19sqTMvST5UdKrwYDdeK1J2UOHnOneKsj%2BZrTgSlFAPGp7jXxP5Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7313ecba9cb88ff2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9535 0
18 B 80ms
37ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.xxlmag.com
Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.xxlmag.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 08:15:00 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 euconsent Show response
api.conversant.mgr.consensu.org/ 105 B
293 B 239ms
79ms XHR
application/json 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.6.0&c=39076456179
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6261eaa84211fd6d5789603c39885b06a06d96a0fe3d24f4fb42116e9f4dcc22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://www.xxlmag.com
date: Wed, 27 Jul 2022 08:15:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx
vary: Origin
content-type: application/json

GET
H2 200 vendor-list.json Show response
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 358 KB
47 KB 184ms
46ms XHR
application/json 104.96.149.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-149-237.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 02bbd4863408b30a84607a06424f745dd36099dc8ab5222a93cf39bfe1602bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:00 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 16:15:01 GMT
server: Apache
etag: "59863-5e453050b5cdd-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 47699

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
120 B 162ms
80ms XHR
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.xxlmag.com
date: Wed, 27 Jul 2022 08:15:01 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

GET
H2 200 gdpr-cmp-ui.js Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 326 KB
82 KB 48ms
48ms Script
application/javascript 104.96.149.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-149-237.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "5172d-5dd1830eaae64-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 83280

GET
H2 200 en.json Show response
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 4 KB
1 KB 47ms
46ms XHR
application/json 104.96.149.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.149.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-149-237.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 16:07:33 GMT
server: Apache
etag: "f30-5dd1830eac5d2-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: max-age=900
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178

POST
H2 204 event Show response
api.conversant.mgr.consensu.org/gdpr/cmp/ 0
119 B 47ms
47ms XHR
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by: Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.xxlmag.com
date: Wed, 27 Jul 2022 08:15:01 GMT
access-control-allow-credentials: true
server: nginx
vary: Origin

POST
H2 200 cogitoergosum Show response
www.xxlmag.com/rest/high/api/ 128 B
339 B 278ms
278ms Fetch
application/json 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/rest/high/api/cogitoergosum

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

0f94bbb298804c0c06b2df98ea803a97a2da669991b82fba55e0b0d3b78adfe8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
etag: W/"80-WvIEDAox88wuqK4x+/LgJYIKv5o"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 128
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 64ms
64ms Fetch
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=184854740153433&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.xxlmag.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 0yeVEAidYL5Pd5aoZOHcw+86rtX3zbPkmgL5dejJeB3gXi/OA03DKbomjPxK00tHX/rM5Ahr6vQVgBq0TP4SZw==
fb-s: unknown
date: Wed, 27 Jul 2022 08:15:01 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chunk-4.1488d756d199e623693b.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 6 KB
2 KB 38ms
38ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-4.1488d756d199e623693b.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) / Express

Resource Hash

fba1bd6312e410489a59cb22593f0afb5c6499610611ebdd844b987d898b256d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56848
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2122
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/6763)
etag: W/"1755-182362e6277"
x-frame-options: SAMEORIGIN
x-varnish: 424913197 424880841
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-20.625510d0d28b869ae28a.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 1016 B
1 KB 38ms
38ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-20.625510d0d28b869ae28a.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) / Express

Resource Hash

18df4e6f73e2578a6e9efc6dd6b37f9d6b366e1a1bb677288764d4b72552618f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 56853
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1016
last-modified: Mon, 25 Jul 2022 16:26:40 GMT
server: ECS (frb/67F3)
etag: W/"3f8-182362e9b24"
x-frame-options: SAMEORIGIN
x-varnish: 424879475
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-21.6d4be2526be7c761134f.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 1 KB
903 B 38ms
37ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-21.6d4be2526be7c761134f.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D6) / Express

Resource Hash

b4cd3b055ba32e94b5f05141b4bf92c0da37a117f3c7458e5446c1fdfccda098

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56822
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 783
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/67D6)
etag: W/"514-182362e6379"
x-frame-options: SAMEORIGIN
x-varnish: 424913196 424889060
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-22.6eb004657f451b16dab4.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 658 B
769 B 37ms
37ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-22.6eb004657f451b16dab4.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) / Express

Resource Hash

331d6c254831ba29998957f1caf9672307ad0ea4c8c804aed6928b598920a76d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 56745
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 658
last-modified: Mon, 25 Jul 2022 16:26:43 GMT
server: ECS (frb/67E2)
etag: W/"292-182362ea799"
x-frame-options: SAMEORIGIN
x-varnish: 1721916072
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-19.21d68f7127e8c2c2b6c3.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 806 B
895 B 41ms
41ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-19.21d68f7127e8c2c2b6c3.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) / Express

Resource Hash

a0cdb4c842213259d49174c4c3c459db9fc6e1e63bf0f923c4479f96559e9acf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 56853
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 806
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/67BE)
etag: W/"326-182362e60b6"
x-frame-options: SAMEORIGIN
x-varnish: 1721883519
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-43.c4b4a4de333d1924c358.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 2 KB
913 B 39ms
38ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-43.c4b4a4de333d1924c358.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

f164cab4e087e773f8ed0723294ee7bee19681cdb2edc46500d24e52339ca227

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56847
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 829
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/67A7)
etag: W/"728-182362e637d"
x-frame-options: SAMEORIGIN
x-varnish: 1721916065 1721884923
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-32.e009ce1ef346ffa2e35a.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 40 KB
12 KB 38ms
38ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-32.e009ce1ef346ffa2e35a.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) / Express

Resource Hash

c7bca65ec9bb39b8b07a36b2db5809ed8d2c226d92fa061f3304b61ac7599518

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56847
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 12000
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/6724)
etag: W/"a09a-182362e6379"
x-frame-options: SAMEORIGIN
x-varnish: 424913190 424881076
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-13.812512b0fb60ab6e5b79.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 27 KB
8 KB 39ms
39ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-13.812512b0fb60ab6e5b79.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) / Express

Resource Hash

6808b52575ee5670dc4baccd0a6f6f5e25f02352b7d985af0329b9db21bd536e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56745
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7887
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/6772)
etag: W/"6ae3-182362e6273"
x-frame-options: SAMEORIGIN
x-varnish: 1721916089
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-49.0baf0a0385862dc75ddb.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 2 KB
905 B 39ms
39ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-49.0baf0a0385862dc75ddb.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) / Express

Resource Hash

b89064eda1428624b37cb985d66122350bec24e637e0f92b65d2941c3213e564

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56848
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 807
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/6794)
etag: W/"663-182362e637d"
x-frame-options: SAMEORIGIN
x-varnish: 1721916090 1721884933
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-18.f00f27e81f465d488be9.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 65 KB
16 KB 39ms
38ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-18.f00f27e81f465d488be9.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C1) / Express

Resource Hash

43eb05e3593d9c1eb46e863b433b9a6e7c0168237468825f236abb3da988e5c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56853
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 16769
last-modified: Mon, 25 Jul 2022 16:26:43 GMT
server: ECS (frb/67C1)
etag: W/"10557-182362ea799"
x-frame-options: SAMEORIGIN
x-varnish: 424879481
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-14.6f98e66888da252737e3.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 5 KB
2 KB 63ms
62ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-14.6f98e66888da252737e3.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) / Express

Resource Hash

b5f98699f7656749c3d530f4dfe7089caeeb905005663bd4a8724f86ba8ef2b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56853
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 2021
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/67A7)
etag: W/"13d9-182362e60b2"
x-frame-options: SAMEORIGIN
x-varnish: 1721883520
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-17.72e900b2f86a4c17da28.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 64 KB
14 KB 64ms
64ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-17.72e900b2f86a4c17da28.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

6d07cd25dd670e4a471aae42095f46ed3e2f346e3ea6a05945f39c3fded8db9d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56853
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 14142
last-modified: Mon, 25 Jul 2022 16:26:40 GMT
server: ECS (frb/6738)
etag: W/"1014f-182362e9b24"
x-frame-options: SAMEORIGIN
x-varnish: 1721883518
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-10.fe2b905c9c397c3c5954.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 967 B
1 KB 55ms
55ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-10.fe2b905c9c397c3c5954.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) / Express

Resource Hash

ef68f1402e8b4c134ed2fd2b1e37ea0537244c929d5a679279eb81d5a6908ff6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 56853
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 967
last-modified: Mon, 25 Jul 2022 16:26:43 GMT
server: ECS (frb/6752)
etag: W/"3c7-182362ea799"
x-frame-options: SAMEORIGIN
x-varnish: 424879477
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 chunk-11.98db4ed55fb5d9fa5c98.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 4 KB
2 KB 56ms
56ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-11.98db4ed55fb5d9fa5c98.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) / Express

Resource Hash

23f06c0643529bc819ea2e3551488291076ca18aefaf2e1e637e6d003b79aeb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56745
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1496
last-modified: Mon, 25 Jul 2022 16:26:26 GMT
server: ECS (frb/67D3)
etag: W/"e03-182362e6375"
x-frame-options: SAMEORIGIN
x-varnish: 1721916067
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 / Show response
www.xxlmag.com/internal-ad-api/ 11 KB
3 KB 55ms
55ms Fetch
application/json 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/internal-ad-api/?kw[]=pagetype-home&kw[]=device-desktop

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) /

Resource Hash

cf46617e4551f4e8bf6252103ac31052454548835a35081232201ca43ec2bccc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
age: 278
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 3337
last-modified: Wed, 27 Jul 2022 08:10:24 GMT
server: ECS (frb/67AA)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-varnish: 1734954344
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/json; charset=utf-8
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
677 B 202ms
43ms XHR
application/json 18.193.53.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2202e78d56-97a1-40d0-9140-0107e0fee2ba%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1658909701349%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%222b9721c30432e3%22%3A%22_wPlmCMrvTH%22%2C%223b528f6709a4ec%22%3A%22_wPlmCMrvTH%22%2C%224694392ca32fd1%22%3A%22_wPlmCMrvTH%22%2C%225e213847cf11dd%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%222b9721c30432e3%22%3A%5B%5B728%2C90%5D%5D%2C%223b528f6709a4ec%22%3A%5B%5B728%2C90%5D%5D%2C%224694392ca32fd1%22%3A%5B%5B970%2C250%5D%5D%2C%225e213847cf11dd%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%22645bc2b1-c9dd-4cd4-96bc-e13c45d264bd%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%222b9721c30432e3%22%2C%22bidderRequestId%22%3A%22134178bb937ed1%22%2C%22auctionId%22%3A%22e2fca552-3ee9-4665-9d7a-4f079c8f4f33%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%2236cfdd03-2a1a-44d7-a900-c3f205f32b78%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%223b528f6709a4ec%22%2C%22bidderRequestId%22%3A%22134178bb937ed1%22%2C%22auctionId%22%3A%22e2fca552-3ee9-4665-9d7a-4f079c8f4f33%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%22e3576d71-d03b-4bee-a190-ac40d5bd6450%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%224694392ca32fd1%22%2C%22bidderRequestId%22%3A%22134178bb937ed1%22%2C%22auctionId%22%3A%22e2fca552-3ee9-4665-9d7a-4f079c8f4f33%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-maintop-300a%22%2C%22transactionId%22%3A%22aeb90fb4-8538-44f9-9997-b031852cc525%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%225e213847cf11dd%22%2C%22bidderRequestId%22%3A%22134178bb937ed1%22%2C%22auctionId%22%3A%22e2fca552-3ee9-4665-9d7a-4f079c8f4f33%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.53.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-53-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
587 B 163ms
42ms XHR
application/json 35.157.192.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fwww.xxlmag.com%2F&tmax=2000

Requested by

Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.192.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-192-91.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
x-auction-status: 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 823 B
999 B 218ms
62ms XHR
application/json 34.252.153.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1658909701353&to=0&aun=tsm-ad-728a&maxw=728&maxh=90&si=9106&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eae6a1f99b7e2ecf6ca48edb9e2082da16b0c607bbcb8729f6458ab6fd3642a9

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 823 B
998 B 222ms
67ms XHR
application/json 34.252.153.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1658909701354&to=0&aun=tsm-ad-728b&maxw=728&maxh=90&si=9107&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 04e82241f6db2277d40c7b91f2b2afa8dbd26fe23a7df047618b3ca18505145d

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 823 B
998 B 216ms
61ms XHR
application/json 34.252.153.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1658909701354&to=0&aun=tsm-ad-maintop-300a&maxw=300&maxh=250&si=9133&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d3c7fd45ec13ce93bf115a8a55cd6a7c540c7b8606d948560b3d49b2d29fe307

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
706 B 139ms
46ms XHR
application/json 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 20b96367-e500-4010-9e53-12289978f8d2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 158 B
869 B 226ms
66ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2223a5ee9bf954565%22%3A%22bd9353b0b56f14676b5d%7C728x90%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fhome%22%2C%2224accb181b6cedc%22%3A%22c99a69f0d282bf033c3f%7C728x90%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fhome%22%2C%2225bbd22f65ef507%22%3A%22f77cce5412c0bdd56dca%7C970x250%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fhome%22%2C%222679baff3b4d7ee%22%3A%22ce9f5ea48c91fcdec1d5%7C300x250%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fhome%22%7D&ref=https%3A%2F%2Fwww.xxlmag.com%2F&s=8cb12c9e-a733-4b60-b46b-724ee81eaf83&pv=c2638780-4692-4d58-86e7-dd0a157cfe7f&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

749ba24a5c1fa567551841499d66407ddcbee72017937757af98686cc8faf5c1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 144
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 177ms
70ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.xxlmag.com
date: Wed, 27 Jul 2022 08:14:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
378 B 186ms
51ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.xxlmag.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=645bc2b1-c9dd-4cd4-96bc-e13c45d264bd%2C36cfdd03-2a1a-44d7-a900-c3f205f32b78%2Ce3576d71-d03b-4bee-a190-ac40d5bd6450%2Caeb90fb4-8538-44f9-9997-b031852cc525&nocache=1658909701362&aus=728x90%7C728x90%7C970x250%7C300x250&divids=tsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a%2Ctsm-ad-maintop-300a&aucs=%2C%2C%2C&auid=540963438%2C540963438%2C540963440%2C540963437&aumfs=250%2C250%2C250%2C250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fc8e14365d84d370302cbdaafd93afc37a2e9501900046f48b063d3ea13f0cec

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
456 B 139ms
49ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 80ace8e215adf10167e229620b0ad7af6dcb900483f92dbea0dbc3f298d488a4

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 145ms
39ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
389 B 505ms
135ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.xxlmag.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 275ms
115ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=2&p_pos=atf&rf=https%3A%2F%2Fwww.xxlmag.com%2F&kw=tsm-ad-728a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=645bc2b1-c9dd-4cd4-96bc-e13c45d264bd&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10521744589448057
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 95333ee4bb807ecfdd6ad9903f3c4671ebe4e0336cdcd2c5698f5c3014804820

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 228ms
68ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=2&rf=https%3A%2F%2Fwww.xxlmag.com%2F&kw=tsm-ad-728b&tk_flint=pbjs_lite_v6.9.0&x_source.tid=36cfdd03-2a1a-44d7-a900-c3f205f32b78&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9930582718386249
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 16db736c8a954fea625d63384a7eec2a29ead80b9d123fc4325d4c13730c390e

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 313ms
153ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=57&p_pos=atf&rf=https%3A%2F%2Fwww.xxlmag.com%2F&kw=tsm-ad-970a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=e3576d71-d03b-4bee-a190-ac40d5bd6450&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7021004368620967
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9547ca9374c290e5c266296b487680da873f2d7aad675afb7f8e678284a695bd

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 204ms
44ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwww.xxlmag.com%2F&kw=tsm-ad-maintop-300a&tk_flint=pbjs_lite_v6.9.0&x_source.tid=aeb90fb4-8538-44f9-9997-b031852cc525&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04129854174863046
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3a9173e7ac12861179d9879cbd7c71ed079f4a4312a39a7b4df6e349701f73b1

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
641 B 164ms
61ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=257438&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2261a883c129c51b7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226298c8c7fab592f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22257438%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22635fadb6dfcd501%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22257439%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2264537de52831ef5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22257462%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c3fd00c0c3abd16cef70910de15c4f434ffb5d42763f13f236e257525cdfed3

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pchLpY9ZvtEAS2AEM5fcUmV%2Fubz%2FmwVWoqYib1QyhcinIPhXW0C3y8bcK56Eh47HoYKt%2FI%2FchsuOwAuC0qFZwCI9ARRpyI%2FnKJoifNhgcjcXMaIG689P6B%2BdyyWbYeaK4H3MWClw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7313ecc26be29be6-FRA
expires: 0

POST
H2 204 hb Show response
hb.undertone.com/ 0
449 B 338ms
203ms XHR
text/plain 13.32.110.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=xxlmag.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-60.vie50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: 7U0Xwc9EUnANFil7zd-NpYOBvW7-wwwKb6v1mE9TEUR-XvSodu0EtA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
533 B 79ms
79ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fwww.xxlmag.com%2F&pid=DByeIi2cLmkoj&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-970a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2227a01fe3-8dfb-4197-965d-eed05be9f8e0%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FXXL%2Ftsm-ad-970a%22%7D%2C%7B%22sd%22%3A%22tsm-ad-maintop-300a%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2227a01fe3-8dfb-4197-965d-eed05be9f8e0%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FXXL%2Ftsm-ad-maintop-300a%22%7D%2C%7B%22sd%22%3A%22tsm-ad-728a%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2227a01fe3-8dfb-4197-965d-eed05be9f8e0%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FXXL%2Ftsm-ad-728a%22%7D%2C%7B%22sd%22%3A%22tsm-ad-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2227a01fe3-8dfb-4197-965d-eed05be9f8e0%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FXXL%2Ftsm-ad-728b%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprc=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: A72MC9K081VE5BNDVG1H
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: uBEcK0zfMmXog2i5DhTLZJD3pdkTy9UBGvk35m6QPvpeXXMVNs-v2g==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 142ms
60ms Fetch
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4130bb6df64ed956c9cb37a542c7865164604d9c791da8fc35dcb39f5800834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56779
x-xss-protection: 0
server: cafe
etag: 862033717767566419
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:15:01 GMT

GET
H/1.1 200
OK button.fed83577e235944f1c02f314fdfd94dd.js Show response
platform.twitter.com/js/ 7 KB
3 KB 37ms
37ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:15:01 GMT
Content-Encoding: gzip
Age: 648340
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Tue, 19 Jul 2022 20:04:46 GMT
Server: ECS (frb/67BA)
Etag: "c1233079fb145bc77c712143fa5dcd65+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 attachment-playboi-carti-xxl-magazine-spring-2022-cover-1.jpg
townsquare.media/site/812/files/2022/04/ 12 KB
12 KB 314ms
312ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/04/attachment-playboi-carti-xxl-magazine-spring-2022-cover-1.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AD2) / Express

Resource Hash

cfb9a6f7d528364f67d16655f7636ea28896a6e78b42a3cdb8bcf30c15718f6c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 9116425
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 12536
last-modified: Tue, 12 Apr 2022 19:54:34 GMT
server: ECS (hhp/9AD2)
x-frame-options: SAMEORIGIN
x-varnish: 321033852
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-latto-photo.jpg
townsquare.media/site/812/files/2022/04/ 16 KB
16 KB 316ms
313ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/04/attachment-latto-photo.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AA2) / Express

Resource Hash

76f79da5351f7839eeced6ee2dd87b7424a5ae0e1daffe15d7b05d3ad479dafa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 9555504
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16162
last-modified: Thu, 07 Apr 2022 17:54:05 GMT
server: ECS (hhp/9AA2)
x-frame-options: SAMEORIGIN
x-varnish: 2147990584
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-2-chainz-photo-41.jpg
townsquare.media/site/812/files/2022/03/ 14 KB
14 KB 327ms
324ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/03/attachment-2-chainz-photo-41.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AB4) / Express

Resource Hash

f6876a4cdf4c39b84e9ed9c96396ad94474fc9dcfc98eb48a2cd10640ffd2ad4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 11976131
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14243
last-modified: Thu, 10 Mar 2022 17:30:34 GMT
server: ECS (hhp/9AB4)
x-frame-options: SAMEORIGIN
x-varnish: 1714159601
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-Kendrick-Lamar-Fan-Crying.jpg
townsquare.media/site/812/files/2022/07/ 30 KB
30 KB 315ms
312ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-Kendrick-Lamar-Fan-Crying.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9ABC) / Express

Resource Hash

8bf5698aaafc2d6aabcf5de5ec836291a5ad74ae181b108c929686a608b53126

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 33954
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 30226
last-modified: Tue, 26 Jul 2022 21:57:27 GMT
server: ECS (hhp/9ABC)
x-frame-options: SAMEORIGIN
x-varnish: 1727685012
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-Soulja-Boy-Charleston-White.jpg
townsquare.media/site/812/files/2022/07/ 55 KB
55 KB 327ms
325ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-Soulja-Boy-Charleston-White.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AB0) / Express

Resource Hash

f8ab8670be3507d3be02cd5ebfc442c74cdddff40df97a27b5177e4a7b5cf6fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 44547
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 56050
last-modified: Tue, 26 Jul 2022 19:48:27 GMT
server: ECS (hhp/9AB0)
x-frame-options: SAMEORIGIN
x-varnish: 428057656 428032271
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-d-smoke-header.jpg
townsquare.media/site/812/files/2022/07/ 103 KB
104 KB 327ms
325ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-d-smoke-header.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9A9A) / Express

Resource Hash

b4768f41be06cd6cc604370f202e708754359a874c6435b1b203df975fdae015

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 55119
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 105871
last-modified: Tue, 26 Jul 2022 16:54:49 GMT
server: ECS (hhp/9A9A)
x-frame-options: SAMEORIGIN
x-varnish: 1722364064
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-Nick-Cannon-Bre-Tiesi.jpg
townsquare.media/site/812/files/2022/01/ 124 KB
124 KB 327ms
325ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/01/attachment-Nick-Cannon-Bre-Tiesi.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9A8F) / Express

Resource Hash

95e8487979c6d15c19c3d5c84a705e292d9c796d7587183aa49e830e6ec4adfc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 15329659
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 126719
last-modified: Sun, 30 Jan 2022 22:01:16 GMT
server: ECS (hhp/9A8F)
x-frame-options: SAMEORIGIN
x-varnish: 2182668222 2182662468
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-Fivio-Foreign-Mase.jpg
townsquare.media/site/812/files/2022/07/ 77 KB
77 KB 621ms
619ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-Fivio-Foreign-Mase.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AAB) / Express

Resource Hash

a898b7bf4e6841707907c880a7cfc7568598555c7f44a1f99ac275fc12035a70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 116687
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 78360
last-modified: Mon, 25 Jul 2022 23:50:08 GMT
server: ECS (hhp/9AAB)
x-frame-options: SAMEORIGIN
x-varnish: 1709355299 1709346279
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-Swae-Lee-Trapped-Elevator.jpg
townsquare.media/site/812/files/2022/07/ 49 KB
49 KB 622ms
620ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-Swae-Lee-Trapped-Elevator.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AD8) / Express

Resource Hash

65803cb6d15f6b70d2d746abb94d575090586c289548268099a66d79cfd67c98

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 123599
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 50531
last-modified: Mon, 25 Jul 2022 21:54:13 GMT
server: ECS (hhp/9AD8)
x-frame-options: SAMEORIGIN
x-varnish: 1707701578
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-Chris-Rock-Kevin-Hart-Dave-Chappelle.jpg
townsquare.media/site/812/files/2022/07/ 53 KB
53 KB 621ms
620ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-Chris-Rock-Kevin-Hart-Dave-Chappelle.jpg?w=980&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AAB) / Express

Resource Hash

ceebd478f7ee4d616961bdb620461332d3d010084a0e1ae84ace97f18e9029ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 127264
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 54261
last-modified: Mon, 25 Jul 2022 20:53:33 GMT
server: ECS (hhp/9AAB)
x-frame-options: SAMEORIGIN
x-varnish: 409794832 409789139
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 146ms
48ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-19109753-54&cid=349846120.1658909700&jid=1995325672&gjid=1073869044&_gid=1571800599.1658909700&_u=6GBAgAADAAAAAE~&z=2047493529

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Jul 2022 08:15:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 114ms
37ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1782530630&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xxlmag.com%2F&ul=en-us&de=UTF-8&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAgAAD~&jid=1995325672&gjid=1073869044&cid=349846120.1658909700&tid=UA-19109753-54&_gid=1571800599.1658909700&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Mon%20Oct%2009%202017&cd6=15%3A46&cd7=standard&cd8=&cd9=B&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&did=i5iSjo&z=573173783

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 00:07:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29226
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunk-48.cb96b60da7652134f6e0.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 767 B
848 B 38ms
37ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-48.cb96b60da7652134f6e0.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) / Express

Resource Hash

a1cc951bbf1cff8818110958a4bcad1f7c3e5d66062e34fd4df8a6d92c023e62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 56847
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 767
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/6738)
etag: W/"2ff-182362e60ba"
x-frame-options: SAMEORIGIN
x-varnish: 424913284 424881114
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 245 KB
83 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ab6fa0f0fd7d1536e9eef1c39443a759ed4d0858fdceabc5df2961c0c445268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 23:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85099
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 23:48:37 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 28E1 2 KB
2 KB 162ms
78ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwww.xxlmag.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e082d1f672b3295188c53ca9590dc0519973411071ff95daeac6ca2472668670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 27 Jul 2022 08:15:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 738 B
508 B 116ms
44ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_1?le=scs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a5c8c21210503f0e4f2499e47691b64707000069dc48ce3a62bb4e51223bf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 23:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 482
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 23:59:07 GMT

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 81 KB
25 KB 535ms
430ms Script
application/javascript 143.204.215.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c67bf4df9ba03a46ddb9c00560b633602cec438362154d4cb081adc94dc1e5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:03 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 17:24:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "99bdc0a0548afe00452a2f2dd5bff02b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
cache-control: no-cache
accept-ranges: bytes
content-length: 25483
x-amz-cf-id: ShTMZ0znJ1VodHenZZzb1YqjqSHGCQPkJI9Sso87IZJ-KSBpnl0umw==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 254ms
55ms Script
text/javascript 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: irOlEHoFUsDZEf3_amcRiMP6y8y2THaL
content-encoding: br
last-modified: Tue, 14 Jun 2022 12:22:21 GMT
x-amz-request-id: MPYD45708FXH0BZ4
etag: "f92f25ba5af332861dc8cea3da5eb278"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Wed, 27 Jul 2022 08:15:01 GMT
accept-ranges: bytes
content-length: 4779
x-amz-id-2: 0kqKFaqCblwMouM3PrM7kapg6LYD+SBz8wxEHs0o62VTjxw0lqFciVtkmuSjkYK70NJzdU0AFIs=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
41 KB 132ms
49ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5352434

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e74abe796d960404cf16c39564bfa71ab43eaa66e22f6418eb023f50c890ad7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41269
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jul 2022 08:15:01 GMT

POST
H2 200 cogitoergosum Show response
www.xxlmag.com/rest/high/api/ 22 B
89 B 158ms
158ms Fetch
application/json 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/rest/high/api/cogitoergosum

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

nginx / Express

Resource Hash

38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
etag: W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
server: nginx
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-ua-device: desktop
cache-control: no-cache
gdpr-source: DE
x-device: desktop
vary: Accept-Encoding
content-length: 22
expires: Wed, 27 Jul 2022 08:15:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 60ms
45ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1782530630&t=event&_s=1&dl=https%3A%2F%2Fwww.xxlmag.com%2F&ul=en-us&de=UTF-8&dt=Hip-Hop%20News%2C%20Rap%20Music%20-%20XXL&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAG~&jid=1857874989&gjid=624203829&cid=349846120.1658909700&tid=UA-115003007-7&_gid=1571800599.1658909700&_r=1&_slc=1&did=i5iSjo&z=242424721

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 75ms
74ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fwww.xxlmag.com%2F&pid=DByeIi2cLmkoj&cb=1&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300b%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2227a01fe3-8dfb-4197-965d-eed05be9f8e0%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FXXL%2Ftsm-ad-300b%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&gdpre=1&gdprc=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 956XFRXFXPQCDA53S7N2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: gYfOl8Hibx7jTjDVaj3foyC6gaZcchKXgz-yFHtglHb21ENK0o1mow==

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 122ms
43ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xxlmag.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 22:33:26 GMT
x-content-type-options: nosniff
age: 34895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 22:33:26 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 74ms
74ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fwww.xxlmag.com%2F&pid=DByeIi2cLmkoj&cb=2&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300c%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22kv%22%3A%7B%22pubcid.org%22%3A%5B%2227a01fe3-8dfb-4197-965d-eed05be9f8e0%22%5D%7D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FXXL%2Ftsm-ad-300c%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&gdpre=1&gdprc=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 22SC0E8RBEA2JVFMR8H1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yxJw8bpGf9bhPV1w_0nbCSmekBRjtzpviHy23Jf5A4NH23L77b01hg==

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 95 B
643 B 60ms
60ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2271a35b44e122bec%22%3A%226b6633e60f015d2cf44c%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fhome%22%7D&ref=https%3A%2F%2Fwww.xxlmag.com%2F&s=6c795265-d94d-47e0-a303-2e6eaefdef84&pv=c2638780-4692-4d58-86e7-dd0a157cfe7f&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

131a47b5ba169453149f71118f24fd4e8832aa8969662c693e933b923383fd54

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 120
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
449 B 198ms
198ms XHR
text/plain 13.32.110.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=xxlmag.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-60.vie50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: rk6Enw-_GohlfVfZP9RJuRtACcIyslQdQ9tNqIsRzDHJQpcA06jgAA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 65ms
64ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.xxlmag.com
date: Wed, 27 Jul 2022 08:15:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
202 B 231ms
142ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.xxlmag.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
522 B 49ms
37ms XHR
application/json 35.157.192.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fwww.xxlmag.com%2F&tmax=2000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.192.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-192-91.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
accept-ch: sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
715 B 55ms
49ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.xxlmag.com%2F&kw=tsm-ad-300b&tk_flint=pbjs_lite_v6.9.0&x_source.tid=7e7da58c-2783-4f62-9eb9-e8646cd17c45&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9722985987832204
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2b96526c784bdcaa3f94d8978f0359aebee360839b28876d99764fcfd1b94100

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
101 B 94ms
51ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.xxlmag.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7e7da58c-2783-4f62-9eb9-e8646cd17c45&nocache=1658909701651&aus=300x250%2C300x600&divids=tsm-ad-300b&aucs=&auid=540963437&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 62120f9380044d4eda0cc37fd03839ad449bedd9cb95a651514e917a7617ce18

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 37 B
608 B 101ms
56ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=257436&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%228646b030cbac5da%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228793e54696c7523%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22257436%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22257436%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af444a92eedbe0c081a62c6623815251c60ee13fa123fca180450c6922bd5526

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDyy1HMsXzbDx8PO%2BAENTKxnrrwt3gocR4kU%2BASA30Zw6URhUSyIIDDHLROLlq8YWJeTZalMUwSizU4WKNzE7qmtU33HLRtqqHGvPxW4vdf5gJO63VPFfsvsnzF%2BDgbDrUvSbDCM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7313ecc3c94b9a33-FRA
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
706 B 49ms
46ms XHR
application/json 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2a5999f5-2139-4d24-bf2a-5dc66b43e19c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 823 B
840 B 63ms
61ms XHR
application/json 34.252.153.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1658909701661&to=0&aun=tsm-ad-300b&pv=2a153d62-a61f-477f-8adb-eaeb9d8100f0&maxw=300&maxh=600&si=9104&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eae6a1f99b7e2ecf6ca48edb9e2082da16b0c607bbcb8729f6458ab6fd3642a9

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 42ms
41ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
677 B 51ms
51ms XHR
application/json 18.193.53.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2202e78d56-97a1-40d0-9140-0107e0fee2ba%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1658909701662%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%229562a3f97edb546%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%229562a3f97edb546%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300b%22%2C%22transactionId%22%3A%227e7da58c-2783-4f62-9eb9-e8646cd17c45%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%229562a3f97edb546%22%2C%22bidderRequestId%22%3A%2294edc8b5191f649%22%2C%22auctionId%22%3A%229e53a55d-6248-4d98-b0c4-a1c0dcf2f977%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.53.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-53-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
318 B 49ms
49ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: abf09fc45f87bbae310488f992ff6e9c0ff27e98eed46fac5c827483baea1ced

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
706 B 59ms
45ms XHR
application/json 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 39986e2d-f83c-45ed-ab93-f8e8db1622db
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
448 B 201ms
201ms XHR
text/plain 13.32.110.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=2552&domain=xxlmag.com
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-60.vie50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: hN1dKPJUoKVA008g4rL6MK5P_shj8jwNdeM6Z8iFp3IMBa9t3wUYng==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
522 B 44ms
44ms XHR
application/json 35.157.192.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fwww.xxlmag.com%2F&tmax=2000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.192.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-192-91.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
accept-ch: sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 arj Show response
townsquaremedia-d.openx.net/w/1.0/ 73 B
101 B 51ms
51ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.xxlmag.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6bca4f76-65ab-4d1d-9c94-e9213ede674e&nocache=1658909701707&aus=300x250%2C300x600&divids=tsm-ad-300c&aucs=&auid=540963437&aumfs=250
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: cc3fab541bafcd197c9333744b0984d4914e2228e3478cd4528b4095f30fd948

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
202 B 174ms
143ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.xxlmag.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 96 B
644 B 41ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211160e39cc2cd51f%22%3A%2203c250f27ee89433635c%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Fnational%2FXXL%2Fhome%22%7D&ref=https%3A%2F%2Fwww.xxlmag.com%2F&s=1117b2ca-7eb2-4ea5-aa11-0f19ffe48f04&pv=c2638780-4692-4d58-86e7-dd0a157cfe7f&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e0e2be51c5bee7e7fe241738d7ddb1ec7c7a151fd7967e164de9d212aa7293e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 121
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
715 B 244ms
243ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836168&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.xxlmag.com%2F&kw=tsm-ad-300c&tk_flint=pbjs_lite_v6.9.0&x_source.tid=6bca4f76-65ab-4d1d-9c94-e9213ede674e&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47408060445522904
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f1b1d6aa1745cf49cc01b2b7fe1ed760b42e65532bded54803833f12a89ca90e

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 40ms
39ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
677 B 55ms
49ms XHR
application/json 18.193.53.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2202e78d56-97a1-40d0-9140-0107e0fee2ba%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1658909701711%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22117e99e10b8d0fdf%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%22117e99e10b8d0fdf%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300c%22%2C%22transactionId%22%3A%226bca4f76-65ab-4d1d-9c94-e9213ede674e%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22117e99e10b8d0fdf%22%2C%22bidderRequestId%22%3A%221163b13156012ca8%22%2C%22auctionId%22%3A%2266109a49-b4d0-4ca5-b632-a9d1a43da89e%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.53.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-53-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.xxlmag.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 823 B
839 B 64ms
60ms XHR
application/json 34.252.153.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1658909701712&to=0&aun=tsm-ad-300c&pv=b83e81e2-78f1-4434-9624-1c72eacd849f&maxw=300&maxh=600&si=9105&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.xxlmag.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fwww.xxlmag.com%2F&ns=10240
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 04e82241f6db2277d40c7b91f2b2afa8dbd26fe23a7df047618b3ca18505145d

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 38 B
573 B 55ms
53ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=257437&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22120e26cc0eadc731%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221212dc25f1cf341d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22257437%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22257437%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6895eb31a72ac8b1578d18189c4d08a79631ef443ce889e77c41a725c5e45df

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFTN%2FkiBmD8cxPVd2SryLbo7A5gQ5NybalnhxA1CXBzETY7MCm17Cs8BnKcoMziL6GoJhcLSYCeUQc3EoPIppVni0KA72lZd%2B%2Fn%2FC9oTFmB%2Fry%2Fg75OCNauj6hcIZpqICxOrqg0c"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7313ecc3d9729a33-FRA
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
316 B 50ms
47ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9204540ece2723839a16da62af2e02051e58eab9c694c92f8eec9db3c1ed3487

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.xxlmag.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 50ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=www.xxlmag.com&v=eeaa0bc662ba34efcf7f0ea8a67ef4eff46c1163&mver=299&gver=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.xxlmag.com
date: Wed, 27 Jul 2022 08:15:01 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html Show response
platform.twitter.com/widgets/ Frame 930D 40 KB
15 KB 37ms
37ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: d3a80a9b4f42d0a0d9bab3c816f48c2be0103e114ca3b15f6afea21367dbc987

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 648334
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15049
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Jul 2022 08:15:01 GMT
Etag: "b920a29baf855db414b687e4804194fd+gzip"
Last-Modified: Tue, 19 Jul 2022 20:04:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
380 B 155ms
155ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.xxlmag.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22XXL%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658909701734%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3c1056a2806b27bc778226e9f1aa95ee1222ae09

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Wed, 27 Jul 2022 08:15:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ad296a84144b84d10f9b7d8705d09b3e666df2c751da9a60575f7f72f7730404
x-transaction: 95ab3427e6fb454f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 attachment-megan-thee-stallion-joey-badass-flo-milli.jpg
townsquare.media/site/812/files/2022/07/ 22 KB
22 KB 361ms
354ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-megan-thee-stallion-joey-badass-flo-milli.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AA2) / Express

Resource Hash

d7014d659e468d94efd3a36b67a9cc3881e33b6e6b2881aa59b22453026e97c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 397127
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 22445
last-modified: Fri, 22 Jul 2022 17:55:44 GMT
server: ECS (hhp/9AA2)
x-frame-options: SAMEORIGIN
x-varnish: 1654375759
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-nardo-wick-joey-badass-rico-nasty.jpg
townsquare.media/site/812/files/2022/07/ 16 KB
16 KB 362ms
355ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-nardo-wick-joey-badass-rico-nasty.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AB5) / Express

Resource Hash

37e37dea130138312da1e1713f8ed541fb266098a082d896d540242c8370588b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 445022
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 16363
last-modified: Fri, 22 Jul 2022 04:36:37 GMT
server: ECS (hhp/9AB5)
x-frame-options: SAMEORIGIN
x-varnish: 1351716061
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-lloyd-banks-dj-premier-yo-gotti.jpg
townsquare.media/site/812/files/2022/07/ 21 KB
21 KB 362ms
356ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-lloyd-banks-dj-premier-yo-gotti.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AD8) / Express

Resource Hash

7c97e2a82ef7f4e39ee0a2299251911bc6e57db5eb122b45316375e6eb291de0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 1001255
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21700
last-modified: Fri, 15 Jul 2022 18:06:48 GMT
server: ECS (hhp/9AD8)
x-frame-options: SAMEORIGIN
x-varnish: 2669697519 2669693693
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-real-boston-richey1.jpg
townsquare.media/site/812/files/2022/07/ 14 KB
14 KB 370ms
363ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-real-boston-richey1.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AD1) / Express

Resource Hash

e6abf0bec8334553a7df88b9c7f42bdb80b61dbc8dd0bfcf6af3d60f7dfb178a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 70042
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14015
last-modified: Tue, 26 Jul 2022 12:45:26 GMT
server: ECS (hhp/9AD1)
x-frame-options: SAMEORIGIN
x-varnish: 1718592172 1718588669
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-seddy-hendrinx.jpg
townsquare.media/site/812/files/2022/07/ 14 KB
14 KB 369ms
363ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-seddy-hendrinx.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AF0) / Express

Resource Hash

10901cad87fed2a95b0ea4e87323bcee883278c988e91c80fb703c4ecf7f008f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 1347334
x-powered-by: Express
x-cache: HIT
x-carbon-image: streamed-queue
x-ua-device: desktop
x-device: desktop
content-length: 14493
last-modified: Mon, 11 Jul 2022 17:59:28 GMT
server: ECS (hhp/9AF0)
x-frame-options: SAMEORIGIN
x-varnish: 1241467470
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-ceo-trayle.jpg
townsquare.media/site/812/files/2022/06/ 14 KB
15 KB 363ms
358ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/06/attachment-ceo-trayle.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9A9E) / Express

Resource Hash

3ff1a39d9672729c790142c268210ec06530756a34ada20e32ae0555a9baa443

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 2293413
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14786
last-modified: Thu, 30 Jun 2022 19:07:51 GMT
server: ECS (hhp/9A9E)
x-frame-options: SAMEORIGIN
x-varnish: 1056650616
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-rick-ross-1-2.jpeg
townsquare.media/site/812/files/2022/07/ 19 KB
19 KB 365ms
359ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-rick-ross-1-2.jpeg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AA7) / Express

Resource Hash

c92f8c1646093c23e711bcb85833e2d7abf2ba43ede918321f8910409518999e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 151636
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 19261
last-modified: Mon, 25 Jul 2022 14:01:55 GMT
server: ECS (hhp/9AA7)
x-frame-options: SAMEORIGIN
x-varnish: 1700842349
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-lil-wayne-kanye-west-rick-ross.jpg
townsquare.media/site/812/files/2022/07/ 20 KB
20 KB 365ms
360ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-lil-wayne-kanye-west-rick-ross.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AAE) / Express

Resource Hash

6cdc75f959fe03ce203208f30b1510eae9c24f97884ac7cb4e58dd69f85bdf34

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 566797
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 20455
last-modified: Wed, 20 Jul 2022 18:45:52 GMT
server: ECS (hhp/9AAE)
x-frame-options: SAMEORIGIN
x-varnish: 2236514513
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-rick-ross-lizzo-j-cole.jpg
townsquare.media/site/812/files/2022/07/ 21 KB
21 KB 369ms
364ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-rick-ross-lizzo-j-cole.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AA8) / Express

Resource Hash

a35c161d6aaa46b83ded8b9d1caf64bf6fc2138c4466d4b501b50a12b030b1fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 745825
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 21708
last-modified: Mon, 18 Jul 2022 16:59:44 GMT
server: ECS (hhp/9AA8)
x-frame-options: SAMEORIGIN
x-varnish: 2717347749
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 attachment-attachment-2022-xxl-freshman-class-cover-final.jpeg
townsquare.media/site/812/files/2022/07/ 41 KB
41 KB 365ms
360ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2022/07/attachment-attachment-2022-xxl-freshman-class-cover-final.jpeg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AAA) / Express

Resource Hash

ee412f644e533374cfebb32898d56ff88f446544873fe1df4559e1046e187691

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 1163758
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 42273
last-modified: Wed, 13 Jul 2022 20:58:49 GMT
server: ECS (hhp/9AAA)
x-frame-options: SAMEORIGIN
x-varnish: 2114206883 2114156721
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 XXLSTORE.jpg
townsquare.media/site/812/files/2016/06/ 14 KB
14 KB 366ms
361ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2016/06/XXLSTORE.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9A96) / Express

Resource Hash

388900687cb23375bb397d35b5368d2e1f82fe55e951af830a1bf54b6b8607a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 20615633
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 14475
last-modified: Sat, 14 Sep 2019 15:29:16 GMT
server: ECS (hhp/9A96)
x-frame-options: SAMEORIGIN
x-varnish: 932074319
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 biggie2.jpg
townsquare.media/site/812/files/2017/03/ 26 KB
26 KB 366ms
362ms Image
image/jpeg 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://townsquare.media/site/812/files/2017/03/biggie2.jpg?w=300&q=75

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AB9) / Express

Resource Hash

8f2d7c46c4b97eee180ce56426c088860826fe1c28744b908993969214cc97c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:01 GMT
via: 1.1 varnish
age: 3247163
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 26978
last-modified: Thu, 14 Apr 2022 14:21:43 GMT
server: ECS (hhp/9AB9)
x-frame-options: SAMEORIGIN
x-varnish: 864205278
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 27 Jul 2022 08:15:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 153ms
62ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19109753-54&cid=349846120.1658909700&jid=1995325672&_u=6GBAgAADAAAAAE~&z=1907638167

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 150ms
62ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-19109753-54&cid=349846120.1658909700&jid=1995325672&_u=6GBAgAADAAAAAE~&z=1907638167

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 28E1 38 KB
6 KB 118ms
39ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwww.xxlmag.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwww.xxlmag.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 17:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 25 Jul 2023 17:31:33 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 28E1 252 KB
72 KB 122ms
44ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=XXLMagazine&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fwww.xxlmag.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 23:27:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 20 Jul 2023 23:27:38 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 6AAF 566 B
902 B 146ms
52ms Document
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.xxlmag.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2bab58ac1b53672d96548d920eb0f84c9e129c6dce70ae4e10edd4ebe1618c60

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-8YlZ7g01XnE5qXa0PkarjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-8YlZ7g01XnE5qXa0PkarjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 08:15:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 930D 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

activityi;dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F Show response
5352434.fls.doubleclick.net/ Frame 11A5
Redirect Chain

https://5352434.fls.doubleclick.net/activityi;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F?
https://5352434.fls.doubleclick.net/activityi;dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww....

479 B
405 B

139ms
61ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5352434.fls.doubleclick.net/activityi;dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F?

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

ab79a89ceb3f76c027f65fadcfb7cdf283f0d91ec09c047f37910581bb3f7e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 380
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 08:15:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 08:15:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5352434.fls.doubleclick.net/activityi;dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 28E1 156 B
179 B 38ms
37ms Image
image/png 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 22:55:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 120000
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 25 Jul 2023 22:55:02 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame 28E1 128 KB
42 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83b7ac2274b3bde75dc2eadc6ee79b946bcb516d78f1b66e5c7f4240f7ba8c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42800
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 07:55:29 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame 6AAF 0
20 B 128ms
47ms Other
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bD25M_glkvBcPaeLXizZtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.xxlmag.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:02 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-bD25M_glkvBcPaeLXizZtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 6AAF 10 KB
5 KB 122ms
37ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.xxlmag.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 16:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 04:08:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Jul 2023 16:09:39 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 6AAF 14 KB
5 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce85c8a7437abf6f187133ca1d2c06047f5cfa01e96e6596fee4a78e3e5efd60

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5527
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Wed, 27 Jul 2022 08:15:02 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "48c89a3e2a4f0a74"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:15:02 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
38 KB 123ms
46ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

407fb857254fa50f0a268b444d33747646f85b33fbb536463c27d287fb7cf717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38428
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jul 2022 08:15:02 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ 28 KB
9 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_2?le=scs

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55cc03f44bf429f9b2eb738d2adbe3214a4fd1dcc40c4e11407d3488b78a2041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9440
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 07:55:26 GMT

GET
H2 200 d3d3Lnh4bG1hZy5jb20= Show response
static.solutionshindsight.net/assets/ 5 KB
2 KB 555ms
473ms Fetch
application/json 143.204.215.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/d3d3Lnh4bG1hZy5jb20=
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bd8bc25d9eb79e291bf1307e527e45cd9b91ae2d652ca9b6a7538a06d437f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"33762fc2366834adba0850bea9fb1079"
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 25 Jul 2022 13:29:11 GMT
server: AmazonS3
date: Wed, 27 Jul 2022 08:15:03 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: 508iG6I9UQAVm5XtuW1pEcWMVY5_y4nc3cG6S328tCo1SSL3rHMDxg==

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame E254 604 B
296 B 76ms
75ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e074b5405261d1dd603e54917c96e09bd55b8f7ca7a8639c6e2b2643e9dc4b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 27 Jul 2022 08:15:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 115ms
39ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 47713
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Jul 2023 18:59:49 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 117ms
40ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 47713
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Jul 2023 18:59:49 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 110ms
41ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 05:32:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 9744
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Jul 2023 05:32:38 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 108ms
40ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 43328
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Jul 2023 20:12:54 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 107ms
39ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 576623
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Jul 2023 16:04:39 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame 6AAF 53 KB
19 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81ae5b2c86c7e1c4eb9ad5bae6ddb9f82e4f602a00e8d2e71ed59d4d0154f337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 20:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19093
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 20:02:16 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame E254 9 KB
2 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 25 Jul 2023 07:55:26 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame E254 149 KB
44 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCbg_UMjlHJg_19SZckaKajg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.gzNO53US1Eg.O%2Fd%3D1%2Frs%3DAHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 25 Jul 2023 07:55:26 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/ Frame E254 128 KB
42 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.gzNO53US1Eg.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-O-5j3TYHoQz2hPZzUvoU_Frhy2A/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83b7ac2274b3bde75dc2eadc6ee79b946bcb516d78f1b66e5c7f4240f7ba8c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 07:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42800
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 07:55:29 GMT

GET
H2 200 tag Show response
btloader.com/ 49 KB
12 KB 139ms
48ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceefb7f24ad304b648086c357ddb865b5485fb6ea69b6a329a5947e2a92b590d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:02 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3292
content-length: 12012
last-modified: Wed, 27 Jul 2022 07:19:32 GMT
server: cloudflare
etag: "ee3e1bc673748b8dedbcb714f43d5db6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mlqj4fPws1wzCMrTJd941cbgOHhfNkSoUU7mbfWI02tHXsy210q%2F3DOubIu3TOb%2FzotV0eVd7mxFWE19pozoSFarOJP2gEJqeZzJDaKA%2F2%2FyBiiF07u0wMDYvTIl9pa2L9PKLNAQaD75Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges: bytes
cf-ray: 7313ecc82f1b9b86-FRA

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24

5 B
153 B

680ms
150ms

Script
text/html

2606:4700::6812:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Server: 2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7313ecce9f185bf1-FRA
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Wed, 27 Jul 2022 08:15:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=XXL&ncv=24
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 7313ecc8ee725bf1-FRA

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24

5 B
255 B

675ms
144ms

Script
text/html

2606:4700::6812:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Server: 2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7313ecce9f1b5bf1-FRA
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Wed, 27 Jul 2022 08:15:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 7313ecc8ee755bf1-FRA

GET
H2 200 dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 8BE6 478 B
851 B 163ms
74ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F

Requested by

Host: 5352434.fls.doubleclick.net
URL: https://5352434.fls.doubleclick.net/activityi;dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fd5d1b7af6d944356606e5adef3abbf4399f9e37605fbe5e9852d41083b88fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5352434.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 08:15:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
townsquare.media/public/resources/js/ 57 KB
18 KB 313ms
313ms Script
application/javascript 192.229.144.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://townsquare.media/public/resources/js/pubcid.min.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.144.129 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (hhp/9AC4) / Express

Resource Hash

f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: A
date: Wed, 27 Jul 2022 08:15:02 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 65718
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 18369
last-modified: Tue, 30 Mar 2021 01:10:25 GMT
server: ECS (hhp/9AC4)
etag: W/"e26f-17880ae892d"
x-frame-options: SAMEORIGIN
x-varnish: 1723153046 1719626908
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:01 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 128ms
39ms Script
application/javascript 143.204.215.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-108.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:06:03 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 540
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: qfpLyPHz51WDtqYl2vxpm6qzJiPJil08Z5mckIj9flC2gLJ8osvXPA==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
927 B 133ms
43ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Wed, 27 Jul 2022 08:15:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1243979
x-guploader-uploadid: ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMxkSaHJRuuXkOFP%2BKLkjbQUoETaFCpArGf7tR25ghFRc4bVPMT74caSevt0VSTlg83l3UJf39uZOwGtHL3w1x3w60HAeFp1IU5P90c3bTfOqqPUVQwslC22sgkvrXwccQgyOSzzQF7xk2v3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7313ecc91e2e9a15-FRA
expires: Tue, 12 Jul 2022 23:38:38 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
456 B 41ms
40ms Image
image/x-icon 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.xxlmag.com
URL: https://www.xxlmag.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 19:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Jul 2022 19:50:44 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 134ms
45ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.09572841519763098
Requested by: Host: www.xxlmag.com
URL: https://www.xxlmag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Wed, 27 Jul 2022 08:15:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1243979
x-guploader-uploadid: ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vc2zOruM%2F6x6Qkv0OCcY0jI4bbiQ9zLB7swDxjqrlAZVKNr94VkYdDcFrMa9r1gN%2BXYNn2M6U33WUsfYF7gE0ucP1ev08nLDRzxWhc3rJxvlPN26Ww6f59WJvXg2tFFN5AtCXzwHEeTFy8iP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7313ecc91e309a15-FRA
expires: Tue, 12 Jul 2022 23:38:38 GMT

GET
H2 200 dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame 8AAD 194 B
870 B 188ms
77ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJuSjJzQmPkCFUWx7QodTogMOA;src=5352434;type=xxlmag;cat=xxl_f0;ord=8255264770632;gtm=2od7p0;auiddc=1892149480.1658909702;~oref=https%3A%2F%2Fwww.xxlmag.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 08:15:02 GMT
expires: Wed, 27 Jul 2022 08:15:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 239ms
149ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=lNEajDHYOj&w=5703638245703680&o=5642230212591616&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.xxlmag.com%2F&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 27 Jul 2022 08:15:02 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 wp-banners.js Show response
static.solutionshindsight.net/teju-webclient/ 264 B
570 B 441ms
441ms Script
application/javascript 143.204.215.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:04 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 17:24:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "50285bc7578291365606251c3522be74"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
cache-control: no-cache
accept-ranges: bytes
content-length: 190
x-amz-cf-id: lIQgaOat2EtZ6YnmulsYpmnoYnsUh2Oci0AXSjeeLaMEtCQQVntwXA==

GET
H3 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame FB4A 0
20 B 64ms
63ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=184854740153433&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c4b953e456824%26domain%3Dwww.xxlmag.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.xxlmag.com%252Ff42c68dfd55598%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fxxlmag&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Jul 2022 08:15:03 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: O2XfKiVie5kAB32ODd/RBdkKU3iWaZ5rYdxW7BKxywv+LsNBGBdfMmVbM8tehj7vX2sr0GI94iLfosqHag5RGA==
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5076 15 KB
6 KB 140ms
38ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75671
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 28 Jul 2022 05:16:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 836A 3 KB
2 KB 37ms
37ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 08:15:04 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 6854 37 B
139 B 136ms
47ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 27 Jul 2022 08:15:05 GMT

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 4737 9 KB
3 KB 158ms
41ms Document
text/html 2600:9000:214f:b200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9458
content-encoding: gzip
content-type: text/html
date: Wed, 27 Jul 2022 05:37:28 GMT
etag: W/"690b8831dd941a438fb4bc8230f5d150"
last-modified: Thu, 23 Jun 2022 12:50:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: XpdOLStlE9APcGEhin1i0XZXdXVGAs0B7SYZvDrkwlkG4PTKap7oiA==
x-amz-cf-pop: FRA53-C1
x-amz-replication-status: COMPLETED
x-amz-version-id: p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache: Hit from cloudfront

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AFD5 15 KB
6 KB 125ms
41ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75671
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 28 Jul 2022 05:16:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 08AC 0
91 B 54ms
47ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 27 Jul 2022 08:15:04 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 76EF 0
80 B 52ms
48ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 27 Jul 2022 08:15:04 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7463 281 B
554 B 149ms
38ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 08:15:05 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame E872 9 KB
3 KB 150ms
42ms Document
text/html 2600:9000:214f:b200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9458
content-encoding: gzip
content-type: text/html
date: Wed, 27 Jul 2022 05:37:28 GMT
etag: W/"690b8831dd941a438fb4bc8230f5d150"
last-modified: Thu, 23 Jun 2022 12:50:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: zmoPZ2Eb4gbvXpHNqcyIrmHf2NVQ9LxjebaCHMu_YbqP5MqFwEHckA==
x-amz-cf-pop: FRA53-C1
x-amz-replication-status: COMPLETED
x-amz-version-id: p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache: Hit from cloudfront

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame 7585 3 KB
1 KB 136ms
37ms Document
text/html 13.32.27.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16067
content-encoding: gzip
content-type: text/html
date: Wed, 27 Jul 2022 03:56:20 GMT
etag: W/"ee5f878b46e083edadf752a866616088"
last-modified: Sun, 24 Jul 2022 20:58:30 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-id: w2VpB8bHb7Ng9KY1s12tOY5KtHyh5_7WDqJW7Kxi0yIozQYEbMUX4Q==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame 1CCA 3 KB
1 KB 137ms
41ms Document
text/html 13.32.27.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16067
content-encoding: gzip
content-type: text/html
date: Wed, 27 Jul 2022 03:56:20 GMT
etag: W/"ee5f878b46e083edadf752a866616088"
last-modified: Sun, 24 Jul 2022 20:58:30 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-id: 6SnLDqWpsZslDPvbIOfXMNKXRgJrhyzDh-eCH__fTw5PEYi8Yq-MRw==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 243C 37 B
140 B 115ms
45ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 27 Jul 2022 08:15:05 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4514 21 KB
8 KB 253ms
104ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f9a436123b70ee367976f4053ee005dc8c80556d0a43163ecfc62d3899d88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7834
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
expires: Fri, 29 Jul 2022 08:15:05 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame CEB1 3 KB
2 KB 56ms
42ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 08:15:04 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 006F 0
80 B 57ms
57ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 27 Jul 2022 08:15:04 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
onetag-sys.com/usync/ Frame 654B 0
0 41ms
40ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1658909701796

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 /
onetag-sys.com/usync/ Frame C2F4 0
0 41ms
40ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1658909701841

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D0FE 37 B
139 B 108ms
47ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 27 Jul 2022 08:15:05 GMT

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame DD41 9 KB
3 KB 134ms
44ms Document
text/html 2600:9000:214f:b200:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9458
content-encoding: gzip
content-type: text/html
date: Wed, 27 Jul 2022 05:37:28 GMT
etag: W/"690b8831dd941a438fb4bc8230f5d150"
last-modified: Thu, 23 Jun 2022 12:50:46 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: 3SX2QdWH11K6pDfdON2ipQ9FolxdPNF9yDeo6hydWclb681ybFiswg==
x-amz-cf-pop: FRA53-C1
x-amz-replication-status: COMPLETED
x-amz-version-id: p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame AF6D 0
0 45ms
44ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1658909701570

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 2000775.html Show response
sync.serverbid.com/ss/ Frame CCA6 3 KB
1 KB 123ms
41ms Document
text/html 13.32.27.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.serverbid.com/ss/2000775.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16067
content-encoding: gzip
content-type: text/html
date: Wed, 27 Jul 2022 03:56:20 GMT
etag: W/"ee5f878b46e083edadf752a866616088"
last-modified: Sun, 24 Jul 2022 20:58:30 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-id: IiY8W7kaoUzqQGmIRQwkmc3lRoZdI21mlAYQ5Frjos4koGMIAXAkXQ==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 90F8 21 KB
8 KB 236ms
100ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f9a436123b70ee367976f4053ee005dc8c80556d0a43163ecfc62d3899d88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7834
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
expires: Fri, 29 Jul 2022 08:15:05 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0B6C 3 KB
2 KB 104ms
58ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 08:15:05 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2EDA 21 KB
8 KB 240ms
109ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f9a436123b70ee367976f4053ee005dc8c80556d0a43163ecfc62d3899d88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7834
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
expires: Fri, 29 Jul 2022 08:15:05 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5A56 15 KB
6 KB 93ms
44ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by: Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.xxlmag.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75671
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 28 Jul 2022 05:16:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 152ms
39ms Image
image/gif 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216620.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:04 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 31F9 54 B
622 B 168ms
54ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwww.xxlmag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecd90cc19001-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 08:15:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZE9oYbqG8Q5yLOxT7Jl58SPA%2BySbZ%2FgBaBWVSwIpHfegylaZ4m4WMoj%2B6hFjq%2Fl5urLCcaLJOnRcZbDGplWtHmq8qa4qlQVEesY5ZIWSFFnFLD99NZcizPjBQB5vlUmLliD91yGK1eDXSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame E544 54 B
326 B 118ms
57ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwww.xxlmag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecd91cc29001-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 08:15:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OssWCOR7fRugPYKphE1sCXAjaZj92zaa9xyDR2JqW3q%2FfE8%2BfgNF9H%2FIkhy7jBWsCcvG1E8WXPKYl9rvXk0R97nYC2fwYh1z%2BmRQBKXBM8y7ifhCgDMIgIJ1Q4DxYsO7NefmPtscP4bng%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7463 31 KB
10 KB 38ms
37ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:15:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Thu, 28 Jul 2022 08:03:31 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C8E1 15 KB
6 KB 42ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75671
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 28 Jul 2022 05:16:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 7585 63 B
391 B 200ms
65ms Fetch
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 491c32434c693b46f77af4f3b6b3ae7e10fbeb1ba74f703ed2982ae9207cb14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 26 Aug 2022 08:15:05 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 7585 0
277 B 179ms
54ms Image
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 08:15:05 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 204 um
cs.emxdgt.com/ Frame 7585 0
55 B 254ms
64ms Image
text/html 18.184.174.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.174.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-174-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-length: 0
content-type: text/html

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 7585
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5141210821205561252

35 B
99 B

114ms
113ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5141210821205561252
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5141210821205561252
Date: Wed, 27 Jul 2022 08:15:05 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

usersync
x.serverbid.com/ Frame 7585
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151

35 B
218 B

114ms
113ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2YkxemKvH6atz6VJa%2Bl1Kc7R9M9hqzTm3yIO4GlKYErBre2NVFNVKni8HZKQE99LSWJ2nyc%2FcX1uo3i45DlECg%2FwPfuNMsiqYcXLKU9MJT1dVzhBi%2B5h9o5f%2BOw5qCT%2FTZAtwVv3kwRSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151
cache-control: no-cache
cf-ray: 7313ecda9f67913a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 7585 43 B
351 B 186ms
53ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: agdlbmnvvojm73rvce0an3roiv0o8rhc

GET
H2

200

usersync
x.serverbid.com/ Frame 7585
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677

35 B
269 B

118ms
111ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7b227504-8ae0-4243-82bb-c782d6d48e04
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 7585 0
478 B 213ms
39ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 7585
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

35 B
99 B

113ms
113ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 1CCA 0
277 B 174ms
52ms Image
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 08:15:05 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 204 um
cs.emxdgt.com/ Frame 1CCA 0
22 B 251ms
64ms Image
text/html 18.184.174.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.174.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-174-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-length: 0
content-type: text/html

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 1CCA
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921364264866

35 B
99 B

129ms
129ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921364264866
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5140084921364264866
Date: Wed, 27 Jul 2022 08:15:05 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

usersync
x.serverbid.com/ Frame 1CCA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151

35 B
218 B

113ms
113ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEIQTHFxuIo7jL6O3Vnn2aHF%2F6dOd2VPcEAiRxjZlXUjVutM4YM8Z%2F6eFDYc2WSK3yb2CzcAmHRH0FAhN%2BFzn2p3cLqKe%2FFDasc8P%2FOWByfUdePAjJlB%2FNw0GOctQFoC%2FswnPNoaT7jPkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151
cache-control: no-cache
cf-ray: 7313ecda9f66913a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 1CCA 43 B
133 B 184ms
54ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pg0kqdteh3a5t37g2a110q2j8mbt46uf

GET
H2

200

usersync
x.serverbid.com/ Frame 1CCA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677

35 B
218 B

117ms
112ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f5b7de0d-767c-4092-8ab5-5b6f74b3df83
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1171986940427637677
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 1CCA 0
478 B 209ms
39ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 1CCA
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

35 B
99 B

114ms
114ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5114 15 KB
6 KB 40ms
38ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75671
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 28 Jul 2022 05:16:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 1CCA 63 B
392 B 192ms
64ms Fetch
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 491c32434c693b46f77af4f3b6b3ae7e10fbeb1ba74f703ed2982ae9207cb14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 26 Aug 2022 08:15:05 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame CCA6 0
277 B 173ms
56ms Image
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 08:15:05 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 204 um
cs.emxdgt.com/ Frame CCA6 0
22 B 247ms
65ms Image
text/html 18.184.174.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.174.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-174-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-length: 0
content-type: text/html

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame CCA6
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5131077722073015856

35 B
99 B

130ms
128ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5131077722073015856
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5131077722073015856
Date: Wed, 27 Jul 2022 08:15:05 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

usersync
x.serverbid.com/ Frame CCA6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151

35 B
218 B

115ms
114ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQ3OlaCvUggfUX7GrD9YroD7%2FuqK4YT%2Bg9x%2Bp6a%2BTXZCsZgbVOdnhDUjpSXuGCWPTLVEeycevkizJ9K2WnZfbMgsCz5JydpPVyzZgmYADtU5DxPczJo1KklmqfumtAjFxVpF4DR9O9dG%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YuD0CYfqjmdhh0oqvKCpZgAA%265151
cache-control: no-cache
cf-ray: 7313ecdaaf79913a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ Frame CCA6 43 B
135 B 179ms
54ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cl0sl9d4b2dnfv3783of754d7k6lsg05

GET
H2

200

usersync
x.serverbid.com/ Frame CCA6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8245237639611412181

35 B
218 B

113ms
112ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8245237639611412181
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 18fb0664-5216-4fb6-b184-2a68886425a4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=8245237639611412181
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame CCA6 0
474 B 204ms
38ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D

Requested by

Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame CCA6
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=

35 B
99 B

114ms
114ms

Image
image/gif

159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://sync.serverbid.com
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 58

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 38BC 15 KB
6 KB 40ms
36ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.serverbid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75671
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 08:15:05 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 28 Jul 2022 05:16:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame CCA6 63 B
391 B 190ms
66ms Fetch
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 491c32434c693b46f77af4f3b6b3ae7e10fbeb1ba74f703ed2982ae9207cb14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.serverbid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sync.serverbid.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 26 Aug 2022 08:15:05 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5076 0
42 B 188ms
43ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73898236&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:03 GMT
content-length: 0

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 0AC4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
2 KB

196ms
86ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad10c5c765ed47136a6cefff0769e76fe39fe21768680cb511c381ec9a377c7

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecdb190a9025-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 08:15:05 GMT
dropped-udsids: 39|45|241|230|191|196|41|156
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4W57m60rev9KD8Oq7iyeFPpQ4K3qmb9oozbo7SDYExzUGgfZe88mV%2FHgM6a46v147WD%2FKWnDHQNsgLczm%2BGPmO4Gi%2FLFZONi0Su7L2VBN%2Fz2Yf7MeUDlgbI2ZAFrYrrPUCP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecd9de61913a-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 27 Jul 2022 08:15:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApLsZMoSfKBhstXdZGi1GZa%2BbPhLiJ%2F4Wl28GkRTGOqaWk3vb6j29EIpfIltt4EBGiEYkM5wDUYCOlnLLVW2sTnK1IiG95BH3IISUOxO4xdhfg7CBb4kbDmm1W%2Fe1ehRM4JPFc9qT%2B4jOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5AA3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

51ms
37ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 08:15:05 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 27 Jul 2022 08:15:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 4737 43 B
687 B 177ms
68ms Image
image/gif 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 838c181e-7515-4419-ba02-cd865c24384b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4737 43 B
120 B 82ms
73ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 4737
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A

0
154 B

567ms
133ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4737 70 B
264 B 79ms
72ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 4737 0
239 B 206ms
41ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 4737
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9

0
154 B

635ms
150ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9
Date: Wed, 27 Jul 2022 08:15:05 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 4737 0
39 B 177ms
42ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4737 0
191 B 185ms
50ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 4737
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A

0
316 B

591ms
132ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame E872 43 B
687 B 157ms
52ms Image
image/gif 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b7741aff-aeda-4258-863f-419460840e8a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame E872 43 B
131 B 52ms
47ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame E872
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A

0
154 B

564ms
131ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E872 70 B
264 B 76ms
73ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame E872 0
239 B 201ms
41ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame E872
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9

0
154 B

631ms
151ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9
Date: Wed, 27 Jul 2022 08:15:05 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame E872 0
39 B 173ms
42ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:04 GMT
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame E872 0
191 B 178ms
46ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:04 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame E872
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A

0
316 B

591ms
133ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 5250
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

211ms
101ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0b354f2784a6a54b00320cc9a92b5312e1dc7071d1a0df00f10bc4f4a68367f

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecdb190c9025-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 08:15:05 GMT
dropped-udsids: 45|39|241|230|188|18|4|81
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WR4bKNZNLW9aKR88cr35uHnVTLJUVy4cwdvSe%2Fw8mHjCPL%2Bub8KLEduskB2LUCAZgi2CO3%2FSHTv2s1gR%2F14lC40mwlS1WGypmG%2Fu2qYYtpE88HqaxOk9Q4ka2ynhCStntpI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecd9de5f913a-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 27 Jul 2022 08:15:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTvDc%2BovmrSJGVvpktal6FBt0vg8pZHFyGBR3eRI10pyue0pF17ek28IPfPdZJX8GmVYZCojVQObNlaZDCsACY6EVao0vHZZ2hc7OZGMr7M24efKmiT1YsKgmO0YoFEbCTQwVGx5PCB8ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame ABCD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

93ms
38ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 08:15:05 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 27 Jul 2022 08:15:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame DD41 43 B
687 B 168ms
46ms Image
image/gif 185.89.210.181
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.181 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
X-Proxy-Origin: 80.255.7.105; 80.255.7.105; 939.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a87b450f-4a9d-4907-8bc0-d9a8fae66dce
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DD41 43 B
120 B 53ms
51ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame DD41
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A

0
154 B

565ms
131ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-A2w9eXlE2uFGB4ifdJn1BLQAGv_FhfcW~A
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DD41 70 B
264 B 69ms
68ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame DD41 0
239 B 195ms
42ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame DD41
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9

0
154 B

631ms
147ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=ff5f72e112da1d3d23adb72ad352bdb88a003da9
Date: Wed, 27 Jul 2022 08:15:05 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame DD41 0
42 B 166ms
41ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:03 GMT
content-length: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DD41 0
191 B 171ms
47ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:04 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame DD41
Redirect Chain

https://ups.analytics.yahoo.com/ups/58545/occ
https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A

0
316 B

591ms
133ms

Image
text/plain

54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A
date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 684C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

2 KB
1 KB

198ms
88ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3920b5c92a1b33db03a6884e6cdb82fd05efe44f91492cd029f204ddd070633

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecdb09099025-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 08:15:05 GMT
dropped-udsids: 230|39|45|241|41|218|88|206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oA6VZCOvJgLfyK7bq6u3UpGrOJSdNMUjJkUMrVRmiUwZE0EKxZA%2FUXrK3i5QZhFkRQdVlCM1Yxbx4HaFD2QGeOKDNLvMHLcJD4oSKPW1T5MnRtAjSfTt3kL1%2Fm0KwwkJE6u1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecd9de65913a-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 27 Jul 2022 08:15:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkmNN5dDxdKIdWvm1xJ05aw2Lc0Mbr7w4uf%2FLSpJFTk4VHwvk47nTfQZJUIbwdOhr3BPqcW3GmlAC4pmjjph4zRLF3v%2F7KIzCzRptrs%2FGlV1cpMlRZAiLcajPQteV%2B%2BozHGHNoRO78X8qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FC84
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

124ms
37ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cdn.undertone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 08:15:05 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 27 Jul 2022 08:15:05 GMT
location: https://eus.rubiconproject.com/usync.html?p=12776
server: AkamaiGHost

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 89FE 54 B
592 B 110ms
86ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAXADAENCZCgAAAAAH_AAAAAAAAR2AJMNW4gC7MscGbQMIoUQIwrCQqgUAEFAMLRBYAODgp2VgEusIWACAVIRgRAgxBRgwCAAQSAJCIAJAiwQCIAiAQAAgARAIQAMTAILACwMAgABANCxACgAECQgyICI5TAgKgSCglsrEEoK9DTCAOs8AKBRGxUACJJARSAgJCwcAwRICXiyQNMUb5ACMEKAUSoAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fwww.xxlmag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7313ecda7f2c913a-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 08:15:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T849ReeolrfLawGJk35zu08X%2FJHLa2Tpz%2Bsg%2FKyJkyuV2M5pEZ1IuHrcwmfidx%2FThZqM4GZgBU4%2BYrkprKVHZKfcd5N1p%2BBfRlQ%2B7YHS6NxckpC%2FF4xaLmABkycqWvD8MBGQPgCRbCZcrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5AA3 31 KB
10 KB 57ms
37ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:15:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Thu, 28 Jul 2022 08:03:31 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ABCD 31 KB
10 KB 41ms
41ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:15:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Thu, 28 Jul 2022 08:03:31 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0AC4 70 B
264 B 61ms
60ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0AC4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuD0CYfqjmdhh0oqvKCpZgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKFo6sMBgVD9_oJjVrcpNbo&google_cver=1&gdpr=1

43 B
912 B

68ms
66ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKFo6sMBgVD9_oJjVrcpNbo&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecddc8669a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXX7ggo0rz8Rg6NJF9nFID75YaNIoDxl5f%2BP2fBjKUhKqI%2FBZLHaN3aSCBtjQMH5dvta6EXLPV66f73lAWf20YSeNqZS3zkhazdnW%2BE6Qn52cSb8DkPUCQKPWBKme%2B3GvRu0%2BH9iNXA1FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKFo6sMBgVD9_oJjVrcpNbo&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0AC4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

43 B
645 B

147ms
146ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: A21ZVX3VCNKJ6YMVM89P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SW14YAKWSE0W2S8WCE7F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0AC4 170 B
232 B 135ms
48ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame 0AC4
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=dad221fa-e63d-540f-1c0efae4

43 B
947 B

181ms
69ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=dad221fa-e63d-540f-1c0efae4
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecde3cff9944-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igbOyNbYcfIcv5gbMPIgAZKFXLwf0KpoRJcfFoz55ccrOVML2XOTZXEP7xjI4W5sMkm4PNGUrkDITpGhHhbple%2BOcOS6VCsUo523d%2F4cUlQes%2FFGi3orXf0NH%2FlyKErc9NL4lq%2BH"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Wed, 27 Jul 2022 08:15:05 GMT
via: 1.1 google
server: nginx/1.22.0
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=dad221fa-e63d-540f-1c0efae4
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0AC4
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
908 B

101ms
89ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecdd2f599a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgGpfEOdZf16DqEQ6J41uoSD7ZZqutQvI6eJPsOC%2B79ETuEQI6peDLsBqbGiHunzjMoE82HKle5x4kT2gwu3TJYveYAnaas%2F3o1XqaygCGks249ZcnJsQl5TeGEIh57vViDYX88xBtPKlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Wed, 27 Jul 2022 08:15:05 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 0AC4 43 B
408 B 168ms
42ms Image
image/gif 63.251.232.165
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-9
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 0AC4 35 B
380 B 493ms
124ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-ServerName: Track002-iad
Pragma: no-cache
Date: Wed, 27 Jul 2022 08:14:52 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 200
OK sync
usr.undertone.com/userPixel/ Frame 0AC4 0
304 B 637ms
138ms Image
text/plain 54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 684C 170 B
232 B 153ms
49ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 684C 70 B
264 B 61ms
60ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 684C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuD0CYfqjmdhh0oqvKCpZgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRnzVDeyrrmnxJLWv6mX14&google_cver=1&gdpr=1

43 B
909 B

90ms
82ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRnzVDeyrrmnxJLWv6mX14&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecddc8619a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmsHLZFOlydT6qKCQpBMRslC6Ej9ON1TOaRjQxziT7ilSoNVSFaoGmoA3Y8uNC6RDwwrX6kGSlLFfp7RDGT0HCdSJt2RPKzJbCMlUhyKhiFH%2BMzbWjxbieBL6jgJn0MOE24MQIATMkzChQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJRnzVDeyrrmnxJLWv6mX14&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 684C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

43 B
645 B

149ms
143ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V37SKPEV3J2J9DX3ZPDT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 938ARA9KAFAHKTSKVSN8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 684C 43 B
408 B 167ms
42ms Image
image/gif 63.251.232.165
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:05 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-9
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YuD0CYfqjmdhh0oqvKCpZgAA%265151
dpm.demdex.net/ Frame 684C 0
0 240ms
60ms Image
application/json 52.213.169.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YuD0CYfqjmdhh0oqvKCpZgAA%265151?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.169.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-169-152.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 684C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YuD0CQAB8v09UwA0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuD0CQAB8v09UwA0&gdpr=1&_test=YuD0CQAB8v09UwA0

43 B
906 B

79ms
62ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuD0CQAB8v09UwA0&gdpr=1&_test=YuD0CQAB8v09UwA0
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecddb85d9a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJfVYoatvrG0KF1ZVr5NRGcNB2r21pJ%2BJUbkGvHb0NncbuETCoEExjT6KPjWh%2FHOCKE6uynVcUq3C1LOqLNe6XAnCLRvAfkD1mzFPh1F6aCpOl12bAaA3e8Pg2qQ8L9JbDa92L68Mpt1ow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1658909706.810938,VS0,VE0
x-served-by: cache-hhn4055-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YuD0CQAB8v09UwA0&gdpr=1&_test=YuD0CQAB8v09UwA0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 684C 0
15 B 44ms
41ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
usr.undertone.com/userPixel/ Frame 684C 0
304 B 647ms
149ms Image
text/plain 54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:06 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC84 31 KB
10 KB 48ms
47ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:15:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85706
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Thu, 28 Jul 2022 08:03:31 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 5250
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuD0CYfqjmdhh0oqvKCpZgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAlXUHSleAqmrRX7w9fZns&google_cver=1&gdpr=1

43 B
915 B

69ms
62ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAlXUHSleAqmrRX7w9fZns&google_cver=1&gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecddc8659a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkGgIxKUdU90LBFWVoDQJIO0%2BNBPXGegtvKYHUpxRljw%2BlKBFe3CRoo7S5P1k6%2FI5V0M3nhcysBKy7sfs7UR%2FH6Bz8UBCCEa0Rc2jW%2FmUC2QhInItT5v%2B9dNeI2dsFi%2BxNClRal19XMRUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECAlXUHSleAqmrRX7w9fZns&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5250 70 B
264 B 60ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5250
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

43 B
645 B

200ms
131ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 91M6BCRNQ815FWX1KGDM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CV2ZAF0YPPZRZ7B0WEN9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5250 170 B
502 B 122ms
46ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 5250 0
35 B 405ms
122ms Image
text/plain 23.21.82.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.82.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-82-230.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 5250
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1674807305&external_user_id=05f9afd7-22d0-4996-9349-8c2eec390d40

43 B
919 B

95ms
80ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1674807305&external_user_id=05f9afd7-22d0-4996-9349-8c2eec390d40
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecdf1a549a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FJPdbXudE11oZ%2F6clVK85y8ZI3RKW%2FE%2BzO5dajLK78eyZc06KHVXq6w60BVwf73zoalNySKV8CuV%2FY8D%2FiAP9GLeqkm%2FDoQJWNUTuxTOJXd5lr9E1ze%2Fi21q%2BQt%2FCeYdFsM1rndDMmVUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1674807305&external_user_id=05f9afd7-22d0-4996-9349-8c2eec390d40
date: Wed, 27 Jul 2022 08:15:05 GMT
access-control-allow-origin: *.casalemedia.com
content-length: 157
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5250
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587930079359360360

43 B
908 B

78ms
78ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587930079359360360
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecdd5fc39a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwyERPMD2Bgi7bmtRS%2Fy99fU%2FUSM2Ldcm6M5nfZMdcxMnKwIyBRBfnYzAhraZlCq%2BYgqGnxP0ioshMGX0BSB1KPvTseEBzXjs3rTIqObGsljWZ3gdOP23stu8L9LTe34o6ZiccNGacIONQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4587930079359360360
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5250
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jMoNfdzMWHSXmQp43JpFLIybC32XylAojc9ImmeS

43 B
945 B

131ms
88ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jMoNfdzMWHSXmQp43JpFLIybC32XylAojc9ImmeS
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 7313ecdd2f5a9a00-FRA
pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQxD1sNvzOe81gpW4nBvQPSYV%2BT3CLkI6EG2bdlZquTmo%2B7Y1gs35fNoVSVbpUVyKU6c%2FUfBoFZqpDRCsAbFICAdtw4xbWmfpThWV7n%2FenEe0gEp901zhv8LNF7UXYGinsch9d5rv7z0Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jMoNfdzMWHSXmQp43JpFLIybC32XylAojc9ImmeS
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK sync
usr.undertone.com/userPixel/ Frame 5250 0
304 B 638ms
148ms Image
text/plain 54.225.165.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=57&uid=YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.165.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-165-83.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:05 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7463
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63C05V4-26-K9XE

0
710 B

322ms
217ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63C05V4-26-K9XE
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:06 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D14E56BEDF7F4C2FA3610A75DCF4A2D6 Ref B: FRAEDGE1420 Ref C: 2022-07-27T08:15:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkxQPC/Q0eaUPKMWCjwg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63C05V4-26-K9XE
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 7463
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63C05V4-26-K9XE&sigv=1&esig=2~ce624573bf885108184b05a00f60dc7331946b62

0
194 B

152ms
47ms

Image
text/plain

2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63C05V4-26-K9XE&sigv=1&esig=2~ce624573bf885108184b05a00f60dc7331946b62

Protocol

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:15:06 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63C05V4-26-K9XE&sigv=1&esig=2~ce624573bf885108184b05a00f60dc7331946b62
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7463
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK7xbk74pbgryG-ZYiHTwks&google_cver=1

0
239 B

41ms
40ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK7xbk74pbgryG-ZYiHTwks&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK7xbk74pbgryG-ZYiHTwks&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7463
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQzA1VjQtMjYtSzlYRQ==

170 B
188 B

55ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQzA1VjQtMjYtSzlYRQ==

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzQzA1VjQtMjYtSzlYRQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7463
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/KjkVlus374Jt9qzAm53g2cn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3327010579581842242

0
239 B

39ms
39ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3327010579581842242
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

date: Wed, 27 Jul 2022 08:15:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3327010579581842242
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7463
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MVUTLM9qSqmEsWBGlCjUIA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MVUTLM9qSqmEsWBGlCjUIA

43 B
556 B

132ms
130ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MVUTLM9qSqmEsWBGlCjUIA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YXR2YBAP6HVGD692FFT4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MVUTLM9qSqmEsWBGlCjUIA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7463
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LlWn9Ss-RjGShQjJbSomBA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LlWn9Ss-RjGShQjJbSomBA

43 B
556 B

129ms
129ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LlWn9Ss-RjGShQjJbSomBA

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 08:15:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PCSQT2VK70EVEKGY207N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LlWn9Ss-RjGShQjJbSomBA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7463 70 B
264 B 67ms
60ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 08:15:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5AA3 0
239 B 78ms
75ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=L63C05V4-26-K9XE
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H2 200 chunk-8.aa30ea23474098c92d4e.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 3 KB
1 KB 38ms
37ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-8.aa30ea23474098c92d4e.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) / Express

Resource Hash

ebce7a586680316fa9d8b927bdf5ce540bb4216d1738d4c1e29826a90a6737bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56847
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 1191
last-modified: Mon, 25 Jul 2022 16:26:28 GMT
server: ECS (frb/67D3)
etag: W/"cdd-182362e6e60"
x-frame-options: SAMEORIGIN
x-varnish: 1721927135 1721886644
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:05 GMT

GET
H2 200 chunk-12.5cbcb0e7e2dc86471b44.1658519812594.js Show response
www.xxlmag.com/public/dist/chunks/ 28 KB
7 KB 39ms
38ms Script
application/javascript 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xxlmag.com/public/dist/chunks/chunk-12.5cbcb0e7e2dc86471b44.1658519812594.js

Requested by

Host: doi3unldljdx6.cloudfront.net.
URL: https://doi3unldljdx6.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) / Express

Resource Hash

5d815661b93d14e07db0b6de7b3c1dfce725b291f818d8eebbf7676199d8281e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xxlmag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-abgroup: B
date: Wed, 27 Jul 2022 08:15:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 56854
x-powered-by: Express
x-cache: HIT
x-ua-device: desktop
x-device: desktop
content-length: 7335
last-modified: Mon, 25 Jul 2022 16:26:25 GMT
server: ECS (frb/67C0)
etag: W/"70c2-182362e6273"
x-frame-options: SAMEORIGIN
x-varnish: 424880642
via: 1.1 varnish
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 27 Jul 2022 08:15:05 GMT

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xxlmag.com/	1969-12-31 23:59:59	Name: gdpr-source Value: DE
www.xxlmag.com/	1970-01-20 06:58:05	Name: abgroup Value: B
www.xxlmag.com/	1970-01-20 05:31:41	Name: connect.sid Value: s%3Agy6g8UgRJjetCAHPINqKH38_-WNMOc5L.vGj1Lr1dM2o6bmM5%2F8PyiZ8Iq41dheMDaeVZvI7VtZ8
.xxlmag.com/	1970-01-20 22:19:41	Name: _ga Value: GA1.2.349846120.1658909700
.xxlmag.com/	1970-01-20 04:49:56	Name: _gid Value: GA1.2.1571800599.1658909700
cdn.production.townsquareblogs.com/	1970-01-20 13:34:05	Name: aleph Value: ca85563b-550c-507a-85ee-50aedd1aa2d6
www.xxlmag.com/	1970-01-20 22:19:41	Name: aleph Value: ca85563b-550c-507a-85ee-50aedd1aa2d6
.xxlmag.com/	1970-01-20 06:58:05	Name: _fbp Value: fb.1.1658909699954.555572911
.xxlmag.com/	1970-01-20 14:10:05	Name: cmp-data Value: . . 07569fe0-0bd2-4147-b791-5cca5d271db9
.xxlmag.com/	1970-01-20 04:48:29	Name: _gat_primary Value: 1
www.xxlmag.com/	1970-01-20 04:48:31	Name: cogitoergosum Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJXZWQsIDI3IEp1bCAyMDIyIDA4OjE1OjAxIEdNVCJ9
.kargo.com/	1970-01-20 13:34:05	Name: ktcid Value: f5781089-1c71-03d8-1c18-39c13a70d103
.gumgum.com/	1970-01-20 13:34:05	Name: cs Value: true
.gumgum.com/	1970-01-20 05:31:41	Name: loc Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm8hq5y7FIAFJqALzTMF75FKPWrPvLHvI6Vn8Of3jTfySlxFcBUU5_13
www.xxlmag.com/	1969-12-31 23:59:59	Name: blingblocksession Value: 1
.go.sonobi.com/	1970-01-20 04:48:30	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB5A Value: s57128\|YuD0C
.xxlmag.com/	1970-01-20 04:48:29	Name: _gat_UA1150030077 Value: 1
.rubiconproject.com/	1970-01-20 13:34:05	Name: khaos Value: L63C05V4-26-K9XE
.rubiconproject.com/	1970-01-20 13:34:05	Name: audit Value: 1\|naVuGyos1qqvHGpX59ERkANb0fGVcfL/XWaA1sYWTLG0RTcz8e+19fbidAOtUZpK0hw/kAS7yMjU8PuKh0hZR8xuhZpbWKLtJ5mi2MgB9yU=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: h4C-pNKYK8Q
.serverbid.com/	1970-01-20 05:10:05	Name: CONSUMABLEID Value: bc3047e645584cb8b047e645584cb827
.xxlmag.com/	1970-01-20 06:58:05	Name: _gcl_au Value: 1.1.1892149480.1658909702
.id5-sync.com/	1970-01-20 04:48:30	Name: cf Value:
.id5-sync.com/	1970-01-20 04:48:30	Name: cip Value:
.id5-sync.com/	1970-01-20 04:48:30	Name: cnac Value:
.id5-sync.com/	1970-01-20 04:48:30	Name: car Value:
.id5-sync.com/	1970-01-20 04:48:30	Name: gdpr Value:
.id5-sync.com/	1970-01-20 04:48:30	Name: callback Value:
.ads.pubmatic.com/	1970-01-20 04:49:56	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 13:34:05	Name: CMID Value: YuD0CYfqjmdhh0oqvKCpZgAA
.casalemedia.com/	1970-01-20 06:58:05	Name: CMPS Value: 5151
.casalemedia.com/	1970-01-20 06:58:05	Name: CMPRO Value: 5151
.yahoo.com/	1970-01-20 13:34:27	Name: A3 Value: d=AQABBAn04GICEDGUaVX4sEbQbSVXVK0bHQ0FEgEBAQFF4mLqYgAAAAAA_eMAAA&S=AQAAAtS4CA9qb4mCw4Veh5uYPw0
.adnxs.com/	1970-01-20 06:58:05	Name: uuid2 Value: 8245237639611412181
.analytics.yahoo.com/	1970-01-20 13:34:05	Name: IDSYNC Value: 18z9~268w
.casalemedia.com/	1970-01-20 04:49:56	Name: CMST Value: YuD0CWLg9AkA
.rfihub.com/	1970-01-20 14:10:05	Name: eud Value: H4sIAAAAAAAA_-sS5zU0M7WwNLA0NzA1sTQFAP841BEQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQ2MzEyM7EwMxPiM9Q1K031TE4qcMv39AkFACsPrLclAAAA
.rfihub.com/	1970-01-20 14:10:05	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjQ2MzEyM7EwMxPiM9Q1K031TE4qcMv39AkFACsPrLclAAAA
.casalemedia.com/	1970-01-20 13:34:05	Name: CMRUM3 Value: bc62e0f40905a00&0462e0f40905a0&f162e0f40905a0&2d62e0f40905a0&e662e0f4092760&5162e0f40905a0&2762e0f4090b40&1262e0f40905a0
.admanmedia.com/	1970-01-20 13:34:05	Name: admtr Value: ff5f72e112da1d3d23adb72ad352bdb88a003da9
.quantserve.com/	1970-01-20 06:58:05	Name: d Value: EAYBDQHbJrjvsQA
.quantserve.com/	1970-01-20 14:18:44	Name: mc Value: 62e0f409-ab5fb-a6cc0-28e77
.turn.com/	1970-01-20 09:07:41	Name: uid Value: 4587930079359360360
.everesttech.net/	1970-01-20 13:34:05	Name: everest_g_v2 Value: g_surferid~YuD0CQAB8v09UwA0
.brand-display.com/	1970-01-20 22:19:41	Name: _knxq_ Value: dad221fa-e63d-540f-1c0efae4.1658909705.0.1658909705.1658909705
.doubleclick.net/	1970-01-20 14:10:05	Name: IDE Value: AHWqTUkQj48ghTOSvYxFGwZ_oBiq_-_r56UsbVbs_pKPRmncyPseyUwKmaRvplb9EDk
.company-target.com/	1970-01-20 22:19:41	Name: tuuid Value: 05f9afd7-22d0-4996-9349-8c2eec390d40
.company-target.com/	1970-01-20 22:19:41	Name: tuuid_lu Value: 1658909705
.undertone.com/	1970-01-20 13:34:26	Name: UID_EXT_56 Value: y-W4dB78FE2uE5GbVVM57HcFVcqzJba1H5AfYianc-~A
.casalemedia.com/	1970-01-20 06:58:05	Name: CMTS Value: 5175
.undertone.com/	1970-01-20 13:34:26	Name: UID_EXT_57 Value: YuD0CYfqjmdhh0oqvKCpZgAAFB8AAAIB
www.xxlmag.com/	1970-01-20 04:49:56	Name: usprivacy Value: 1---
.amazon-adsystem.com/	1970-01-22 02:12:58	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 10:45:36	Name: ad-id Value: A8l1LuJyRUqIpnE_dPTsvYc
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:20:23	Name: bcookie Value: "v=2&5fe41028-18bb-4c41-8f6b-b35c48fb5e4a"
.linkedin.com/	1970-01-20 22:05:30	Name: li_gc Value: MTswOzE2NTg5MDk3MDY7MjswMjFns+wihA1rfYtp+zYykR0ylZnZonN/XtMCBEh9nC5Jrg==
.linkedin.com/	1970-01-20 04:49:56	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2357:u=1:x=1:i=1658909706:t=1658996106:v=2:sig=AQEBRGMNjG6DuKwQBpDWCSqNAVqpQuRS"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5352434.fls.doubleclick.net
a.teads.tv
aax-eu.amazon-adsystem.com
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.conversant.mgr.consensu.org
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
btloader.com
bttrack.com
c.amazon-adsystem.com
cdn.conversant.mgr.consensu.org
cdn.production.townsquareblogs.com
cdn.taboola.com
cdn.undertone.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.admanmedia.com
cs.emxdgt.com
dmp.brand-display.com
doi3unldljdx6.cloudfront.net.
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gu.dyntrk.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
krk.kargo.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
rtb.adentifi.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssl.gstatic.com
ssum-sec.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.serverbid.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.xxlmag.com
www.youtube.com
x.serverbid.com
104.18.18.126
104.18.19.126
104.244.42.72
104.96.149.237
13.248.245.213
13.32.110.60
13.32.27.88
130.211.23.194
135.125.160.77
141.95.98.70
142.250.185.226
143.204.215.108
143.204.215.49
151.101.193.44
151.101.66.49
159.89.246.130
172.217.16.134
172.217.16.194
178.162.133.149
178.162.133.150
18.156.0.31
18.184.174.1
18.193.53.70
185.64.189.112
185.89.210.181
192.132.33.46
192.229.144.129
192.229.233.172
192.229.233.218
193.0.160.129
198.47.127.18
198.47.127.19
2.18.235.93
2001:678:cb4:bbbb::11
216.52.2.39
23.205.235.133
23.206.210.112
23.21.82.230
23.35.236.201
23.35.236.247
23.75.240.210
2600:9000:214f:8600:7:7419:8e80:21
2600:9000:214f:b200:1f:2473:9080:93a1
2602:803:c003:200::51
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700::6812:a4f
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::200e
2a00:1450:4001:802::200e
2a00:1450:4001:803::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200d
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9d
2a02:fa8:8806:12::1370
2a02:fa8:8806:13::1460
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f207:e5:face:b00c:0:4420
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a05:d018:d29:3602:b7de:b03a:b6d2:ca61
34.107.148.139
34.111.151.213
34.120.133.55
34.205.21.143
34.252.153.54
34.95.69.49
35.157.192.91
35.227.252.103
35.244.159.8
51.89.9.251
52.213.169.152
52.223.40.198
52.46.128.147
52.57.39.168
52.95.125.22
54.225.165.83
63.251.232.165
65.9.71.118
66.155.71.25
69.173.144.138
69.173.144.139
88.214.206.247
92.123.36.4
01981572acf2d1818efaba772a3a2541df935a8a6d3435a41aa4ff0f38b576c0
02bbd4863408b30a84607a06424f745dd36099dc8ab5222a93cf39bfe1602bf0
046c5b28b1e8cfdc073965535cacad0d2ae72fa5e29de1f5e7f513d186e2f7dd
04e82241f6db2277d40c7b91f2b2afa8dbd26fe23a7df047618b3ca18505145d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0e07e8acc84a94cb2f0053c948e714497b063353afe91c38c44609dabfddac8c
0f94bbb298804c0c06b2df98ea803a97a2da669991b82fba55e0b0d3b78adfe8
10901cad87fed2a95b0ea4e87323bcee883278c988e91c80fb703c4ecf7f008f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131a47b5ba169453149f71118f24fd4e8832aa8969662c693e933b923383fd54
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
16db736c8a954fea625d63384a7eec2a29ead80b9d123fc4325d4c13730c390e
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
18df4e6f73e2578a6e9efc6dd6b37f9d6b366e1a1bb677288764d4b72552618f
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23f06c0643529bc819ea2e3551488291076ca18aefaf2e1e637e6d003b79aeb6
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2b96526c784bdcaa3f94d8978f0359aebee360839b28876d99764fcfd1b94100
2bab58ac1b53672d96548d920eb0f84c9e129c6dce70ae4e10edd4ebe1618c60
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e771a626b910fcbd97ad2a1958e4298c913c60b6ee7ab26de765987dae7535c
331d6c254831ba29998957f1caf9672307ad0ea4c8c804aed6928b598920a76d
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
37e37dea130138312da1e1713f8ed541fb266098a082d896d540242c8370588b
388900687cb23375bb397d35b5368d2e1f82fe55e951af830a1bf54b6b8607a1
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3a9173e7ac12861179d9879cbd7c71ed079f4a4312a39a7b4df6e349701f73b1
3ab6fa0f0fd7d1536e9eef1c39443a759ed4d0858fdceabc5df2961c0c445268
3b3e68476513278679da7b0f0c4605f8a39af661f1fba3878d6bbd3530286ebf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff1a39d9672729c790142c268210ec06530756a34ada20e32ae0555a9baa443
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
407fb857254fa50f0a268b444d33747646f85b33fbb536463c27d287fb7cf717
4130bb6df64ed956c9cb37a542c7865164604d9c791da8fc35dcb39f5800834c
43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc
43eb05e3593d9c1eb46e863b433b9a6e7c0168237468825f236abb3da988e5c5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
491c32434c693b46f77af4f3b6b3ae7e10fbeb1ba74f703ed2982ae9207cb14d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d9703f5b2fc4a0503e690cdbc7cd298606bdbe68fc31e1badeeb6c270f4a564
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55cc03f44bf429f9b2eb738d2adbe3214a4fd1dcc40c4e11407d3488b78a2041
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d815661b93d14e07db0b6de7b3c1dfce725b291f818d8eebbf7676199d8281e
5f9a436123b70ee367976f4053ee005dc8c80556d0a43163ecfc62d3899d88c0
62120f9380044d4eda0cc37fd03839ad449bedd9cb95a651514e917a7617ce18
6261eaa84211fd6d5789603c39885b06a06d96a0fe3d24f4fb42116e9f4dcc22
65803cb6d15f6b70d2d746abb94d575090586c289548268099a66d79cfd67c98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6716d90fdd2991bf68fa2431ac68ad23adf43f2b74d9e2687b330f1a05bd6056
6808b52575ee5670dc4baccd0a6f6f5e25f02352b7d985af0329b9db21bd536e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6bd8bc25d9eb79e291bf1307e527e45cd9b91ae2d652ca9b6a7538a06d437f81
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6cdc75f959fe03ce203208f30b1510eae9c24f97884ac7cb4e58dd69f85bdf34
6d07cd25dd670e4a471aae42095f46ed3e2f346e3ea6a05945f39c3fded8db9d
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
749ba24a5c1fa567551841499d66407ddcbee72017937757af98686cc8faf5c1
76f79da5351f7839eeced6ee2dd87b7424a5ae0e1daffe15d7b05d3ad479dafa
7a5c8c21210503f0e4f2499e47691b64707000069dc48ce3a62bb4e51223bf98
7b5511237fcf94bad2aca9c53a0da15e1795be9377fac8dc44f06afd51113322
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7c97e2a82ef7f4e39ee0a2299251911bc6e57db5eb122b45316375e6eb291de0
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
80ace8e215adf10167e229620b0ad7af6dcb900483f92dbea0dbc3f298d488a4
81ae5b2c86c7e1c4eb9ad5bae6ddb9f82e4f602a00e8d2e71ed59d4d0154f337
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83114e06ee7ee9d83fd65c45ecd9f992affae8ec13c66441fe6e9a4be02a8852
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b7ac2274b3bde75dc2eadc6ee79b946bcb516d78f1b66e5c7f4240f7ba8c61
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8bf5698aaafc2d6aabcf5de5ec836291a5ad74ae181b108c929686a608b53126
8c3fd00c0c3abd16cef70910de15c4f434ffb5d42763f13f236e257525cdfed3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2d7c46c4b97eee180ce56426c088860826fe1c28744b908993969214cc97c5
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9204540ece2723839a16da62af2e02051e58eab9c694c92f8eec9db3c1ed3487
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
95333ee4bb807ecfdd6ad9903f3c4671ebe4e0336cdcd2c5698f5c3014804820
9547ca9374c290e5c266296b487680da873f2d7aad675afb7f8e678284a695bd
95e8487979c6d15c19c3d5c84a705e292d9c796d7587183aa49e830e6ec4adfc
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9fd5d1b7af6d944356606e5adef3abbf4399f9e37605fbe5e9852d41083b88fc
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485
a0cdb4c842213259d49174c4c3c459db9fc6e1e63bf0f923c4479f96559e9acf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cc951bbf1cff8818110958a4bcad1f7c3e5d66062e34fd4df8a6d92c023e62
a35c161d6aaa46b83ded8b9d1caf64bf6fc2138c4466d4b501b50a12b030b1fd
a383ecd625c00c3b5051fd8eb6ad8ab4aa40503f4ebc2267338b11931d17875b
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
a50854f1ed7f5374ba37a85d251f1577120afbdb4e5c48a196a1fe031b0fd9e5
a5d52cbd84443644376ce6d6b707823e7d78cfbc190074f7a4489d836d40848b
a898b7bf4e6841707907c880a7cfc7568598555c7f44a1f99ac275fc12035a70
ab79a89ceb3f76c027f65fadcfb7cdf283f0d91ec09c047f37910581bb3f7e4e
abf09fc45f87bbae310488f992ff6e9c0ff27e98eed46fac5c827483baea1ced
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af444a92eedbe0c081a62c6623815251c60ee13fa123fca180450c6922bd5526
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1732408342ec85a59f7a9b344a7e9775aacbdb1d54f41f6508b50260b7b7d17
b4768f41be06cd6cc604370f202e708754359a874c6435b1b203df975fdae015
b4cd3b055ba32e94b5f05141b4bf92c0da37a117f3c7458e5446c1fdfccda098
b5f98699f7656749c3d530f4dfe7089caeeb905005663bd4a8724f86ba8ef2b6
b6895eb31a72ac8b1578d18189c4d08a79631ef443ce889e77c41a725c5e45df
b89064eda1428624b37cb985d66122350bec24e637e0f92b65d2941c3213e564
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf2df4df90f6a936b856b7a4638401ac532498c2803f48ee757780383074d47a
c0e83ed4dab659502d6df1046247df45dafe221cb2912af01b1364b209c848b0
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3920b5c92a1b33db03a6884e6cdb82fd05efe44f91492cd029f204ddd070633
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773
c67bf4df9ba03a46ddb9c00560b633602cec438362154d4cb081adc94dc1e5c8
c7bca65ec9bb39b8b07a36b2db5809ed8d2c226d92fa061f3304b61ac7599518
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c92f8c1646093c23e711bcb85833e2d7abf2ba43ede918321f8910409518999e
cad10c5c765ed47136a6cefff0769e76fe39fe21768680cb511c381ec9a377c7
cc3fab541bafcd197c9333744b0984d4914e2228e3478cd4528b4095f30fd948
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce85c8a7437abf6f187133ca1d2c06047f5cfa01e96e6596fee4a78e3e5efd60
ceebd478f7ee4d616961bdb620461332d3d010084a0e1ae84ace97f18e9029ba
ceefb7f24ad304b648086c357ddb865b5485fb6ea69b6a329a5947e2a92b590d
cf46617e4551f4e8bf6252103ac31052454548835a35081232201ca43ec2bccc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb9a6f7d528364f67d16655f7636ea28896a6e78b42a3cdb8bcf30c15718f6c
d01a432795fc449091f3e7f9e028fd0ec4932b67421b61ac9c91ee1578067048
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3112ae98e17f0ef1646d3c2a0dc0d89260387d4575be3f7a73d16dc1b6af5b0
d3a80a9b4f42d0a0d9bab3c816f48c2be0103e114ca3b15f6afea21367dbc987
d3c7fd45ec13ce93bf115a8a55cd6a7c540c7b8606d948560b3d49b2d29fe307
d7014d659e468d94efd3a36b67a9cc3881e33b6e6b2881aa59b22453026e97c9
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
df44e521752c1498e37dfd144919c09af0f4c71f5f8628b8de4809ef270731a8
e074b5405261d1dd603e54917c96e09bd55b8f7ca7a8639c6e2b2643e9dc4b02
e082d1f672b3295188c53ca9590dc0519973411071ff95daeac6ca2472668670
e0b354f2784a6a54b00320cc9a92b5312e1dc7071d1a0df00f10bc4f4a68367f
e0e2be51c5bee7e7fe241738d7ddb1ec7c7a151fd7967e164de9d212aa7293e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e6abf0bec8334553a7df88b9c7f42bdb80b61dbc8dd0bfcf6af3d60f7dfb178a
e74abe796d960404cf16c39564bfa71ab43eaa66e22f6418eb023f50c890ad7b
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
eae6a1f99b7e2ecf6ca48edb9e2082da16b0c607bbcb8729f6458ab6fd3642a9
ebce7a586680316fa9d8b927bdf5ce540bb4216d1738d4c1e29826a90a6737bc
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ee412f644e533374cfebb32898d56ff88f446544873fe1df4559e1046e187691
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68f1402e8b4c134ed2fd2b1e37ea0537244c929d5a679279eb81d5a6908ff6
ef89c3ec1fc75a5bae4c42b0ff553520cf4f2918935eeebc6c98c5962f7ac28f
f164cab4e087e773f8ed0723294ee7bee19681cdb2edc46500d24e52339ca227
f1b1d6aa1745cf49cc01b2b7fe1ed760b42e65532bded54803833f12a89ca90e
f287cc4748880ac3f8eb861217640350ac9e4002e80081f11a456a2fc7ff74d3
f480764f12c8a3e311bfe93091348c19699a2e0f57e03e451d9d7763fcda94e7
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f55fdfabe595363032c7909158714a72825276b03affb5781386d4f7d1c73d0a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6071a51bf54257a9d0a3e1b26922e4f9d696c91184d0b60b5c69e49e216dfd2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6876a4cdf4c39b84e9ed9c96396ad94474fc9dcfc98eb48a2cd10640ffd2ad4
f8ab8670be3507d3be02cd5ebfc442c74cdddff40df97a27b5177e4a7b5cf6fc
fb2c182ad912ec66dcb8138774df154a43586e9e3326da371bcd296a7e4ca1b9
fba1bd6312e410489a59cb22593f0afb5c6499610611ebdd844b987d898b256d
fc8e14365d84d370302cbdaafd93afc37a2e9501900046f48b063d3ea13f0cec
ffc2aa2e3e28393c0bb334c2edc77186295b60d64d6eba3de05072cdd6bc47ea
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.xxlmag.com Open in urlscan Pro 192.229.233.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

334 Requests

87 %HTTPS

34 %IPv6

66 Domains

105 Subdomains

84 IPs

10 Countries

4113 kBTransfer

10205 kBSize

60 Cookies

10 Outgoing links

Page URL History

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xxlmag.com Open in urlscan Pro
192.229.233.172 Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

87 %
HTTPS

34 %
IPv6

66
Domains

105
Subdomains

84
IPs

10
Countries

4113 kB
Transfer

10205 kB
Size

60
Cookies

334 HTTP transactions
2 data transactions