urlscan.io logo urlscan.io
SecurityTrails logo

www.justjared.com Open in urlscan Pro
69.16.175.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://justjared.com/
Effective URL: http://www.justjared.com/
Submission: On June 10 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 149 IPs in 13 countries across 141 domains to perform 757 HTTP transactions. The main IP is 69.16.175.42, located in United States and belongs to HIGHWINDS3, US. The main domain is www.justjared.com.
This is the only time www.justjared.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.234.30.113 14618 (AMAZON-AES)
45 69.16.175.42 20446 (HIGHWINDS3)
4 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.222.174.106 16509 (AMAZON-02)
1 143.204.98.56 16509 (AMAZON-02)
2 178.79.242.181 22822 (LLNW)
4 43 2.18.234.21 16625 (AKAMAI-AS)
9 52.222.200.121 16509 (AMAZON-02)
26 142.250.185.66 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
17 69.16.175.10 33438 (HIGHWINDS2)
1 151.139.128.11 20446 (HIGHWINDS3)
1 52.222.174.42 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
2 18.196.163.197 16509 (AMAZON-02)
1 143.204.98.69 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 52.84.174.32 16509 (AMAZON-02)
1 2.19.35.65 16625 (AKAMAI-AS)
1 2 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.238.106.121 14618 (AMAZON-AES)
2 4 2600:9000:218... 16509 (AMAZON-02)
4 35.186.249.84 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.136 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 18.200.182.178 16509 (AMAZON-02)
2 5 142.250.185.134 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
1 3 52.222.174.113 16509 (AMAZON-02)
6 52.18.52.16 16509 (AMAZON-02)
1 13 52.95.123.167 16509 (AMAZON-02)
7 18.197.54.206 16509 (AMAZON-02)
3 2.21.111.28 16625 (AKAMAI-AS)
2 13 185.33.220.243 29990 (ASN-APPNEX)
4 213.19.162.31 26667 (RUBICONPR...)
3 52.29.29.202 16509 (AMAZON-02)
4 185.64.189.112 62713 (AS-PUBMATIC)
3 2.18.232.7 16625 (AKAMAI-AS)
1 108.128.8.132 16509 (AMAZON-02)
1 185.86.137.113 201081 (SMARTADSE...)
6 11 69.173.144.165 26667 (RUBICONPR...)
4 4 185.184.8.65 204995 (RTB-HOUSE...)
1 25 52.208.41.69 16509 (AMAZON-02)
5 5 37.252.173.22 29990 (ASN-APPNEX)
10 10 35.157.13.31 16509 (AMAZON-02)
2 2 52.17.151.21 16509 (AMAZON-02)
8 9 70.42.32.127 13789 (INTERNAP-...)
10 17 13.248.242.197 16509 (AMAZON-02)
3 5 35.244.159.8 15169 (GOOGLE)
2 2 34.204.22.100 14618 (AMAZON-AES)
6 13 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 54.175.176.13 14618 (AMAZON-AES)
2 193.122.174.27 31898 (ORACLE-BM...)
4 4 35.157.116.120 16509 (AMAZON-02)
9 9 213.19.147.45 26120 (RHYTHMONE)
4 4 198.148.27.139 19189 (PULSEPOINT)
10 10 185.29.133.208 30419 (MEDIAMATH...)
2 2 151.101.114.49 54113 (FASTLY)
33 51 142.250.186.66 15169 (GOOGLE)
24 2.18.233.180 16625 (AKAMAI-AS)
3 208.100.17.172 32748 (STEADFAST)
2 4 18.195.155.181 16509 (AMAZON-02)
2 2 202.241.208.100 4694 (IDCF IDC ...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 52.84.186.116 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 52.222.174.116 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 52.44.237.179 14618 (AMAZON-AES)
3 52.222.174.75 16509 (AMAZON-02)
3 54.85.196.20 14618 (AMAZON-AES)
9 46 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 52.222.174.121 16509 (AMAZON-02)
6 104.109.78.125 16625 (AKAMAI-AS)
1 1 88.214.206.247 ()
2 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 4 2001:678:cb4:... ()
2 3 72.251.249.14 29791 (VOXEL-DOT...)
6 21 18.197.137.147 16509 (AMAZON-02)
4 8 54.239.17.112 16509 (AMAZON-02)
4 4 2620:116:800d... ()
8 8 151.101.14.49 ()
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.228.36.200 16509 (AMAZON-02)
1 3 3.120.68.251 16509 (AMAZON-02)
2 213.254.244.24 36062 (DOUBLE-VE...)
5 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.178.117.251 ()
2 2 35.156.153.71 ()
6 6 3.126.56.137 ()
1 34.120.25.144 15169 (GOOGLE)
4 18.157.108.214 16509 (AMAZON-02)
3 2600:9000:218... 16509 (AMAZON-02)
1 1 23.45.99.241 ()
12 3.216.185.149 14618 (AMAZON-AES)
4 151.101.113.194 54113 (FASTLY)
3 8 185.64.190.78 62713 (AS-PUBMATIC)
1 20 185.64.190.80 62713 (AS-PUBMATIC)
2 2 185.94.180.126 ()
2 2a00:1288:80:... 203220 (YAHOO-DEB)
4 4 3.127.92.82 ()
4 216.52.2.39 29791 (VOXEL-DOT...)
1 1 154.59.122.79 ()
4 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:218... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 150.136.25.38 31898 (ORACLE-BM...)
1 178.162.133.150 60781 (LEASEWEB-...)
2 2600:9000:215... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 11 37.157.3.29 198622 (ADFORM)
4 4 213.155.156.166 ()
14 185.64.189.110 62713 (AS-PUBMATIC)
2 178.250.2.151 44788 (ASN-CRITE...)
8 185.64.189.114 62713 (AS-PUBMATIC)
3 3 51.210.112.63 ()
2 6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 159.253.128.188 36351 (SOFTLAYER)
1 199.232.82.2 54113 (FASTLY)
1 35.244.174.68 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 1 52.73.31.234 ()
1 3.226.4.134 14618 (AMAZON-AES)
3 5 51.89.21.8 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
4 2.18.232.130 16625 (AKAMAI-AS)
8 37.157.2.237 198622 (ADFORM)
4 37.157.2.248 198622 (ADFORM)
1 34.253.109.165 16509 (AMAZON-02)
1 52.44.64.106 14618 (AMAZON-AES)
1 1 54.78.251.22 ()
14 14 52.49.238.187 ()
3 3 35.210.178.101 ()
1 1 35.186.193.173 ()
1 2 52.212.101.97 16509 (AMAZON-02)
3 3 85.114.159.93 ()
2 2 185.86.137.110 ()
4 4 35.201.96.126 ()
2 185.64.190.87 62713 (AS-PUBMATIC)
2 4 77.243.60.138 42697 (NETIC-AS)
2 4 18.198.126.47 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 94.130.16.67 24940 (HETZNER-AS)
8 8 34.96.87.151 ()
6 52.222.174.58 16509 (AMAZON-02)
4 4 84.200.5.215 ()
2 2 5.148.168.135 ()
4 6 2a00:17c8:0:1... 12511 (CH-POSTNE...)
4 2a01:ab20:0:2... 47302 (CYON)
2 52.222.174.102 16509 (AMAZON-02)
1 1 35.190.0.66 ()
1 1 139.162.84.221 ()
1 4 178.162.133.149 60781 (LEASEWEB-...)
1 1 37.9.245.57 ()
1 1 35.205.207.25 ()
2 2 18.193.144.52 ()
8 9 35.156.245.144 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
7 13 185.33.221.53 29990 (ASN-APPNEX)
1 52.94.232.32 16509 (AMAZON-02)
2 2 162.55.6.212 ()
2 2 87.98.228.78 ()
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 173.231.180.197 29791 (VOXEL-DOT...)
1 2 52.204.206.9 14618 (AMAZON-AES)
2 2 34.98.107.212 ()
4 4 37.252.172.36 ()
1 75.2.13.80 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.16.68.69 13335 (CLOUDFLAR...)
1 152.199.22.191 15133 (EDGECAST)
1 104.17.119.107 13335 (CLOUDFLAR...)
5 34.98.64.218 15169 (GOOGLE)
2 2 52.17.54.18 ()
4 4 51.83.106.180 ()
2 2 3.123.96.39 ()
2 2 162.210.196.208 ()
1 192.132.33.46 18568 (BIDTELLECT)
1 34.98.67.61 15169 (GOOGLE)
757 149
1    34.234.30.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
justjared.com
45    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net
www.justjared.com
cdn01.cdn.justjared.com
cdn03.cdn.justjared.com
cdn04.cdn.justjared.com
4    2600:9000:218d:1e00:0:bed9:b980:21 (United States)

ASN16509 (AMAZON-02, US)
d188m5xxcpvuue.cloudfront.net
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    52.222.174.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-106.cdg50.r.cloudfront.net
cdn.privacy-mgmt.com
1    143.204.98.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-56.fra50.r.cloudfront.net
ccpa.sp-prod.net
2    178.79.242.181 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
tradecraft.s.llnwi.net
43    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
as-sec.casalemedia.com
dsum.casalemedia.com
9    52.222.200.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-200-121.cdg50.r.cloudfront.net
c.amazon-adsystem.com
26    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:3039::6815:c076 (United States)

ASN13335 (CLOUDFLARENET, US)
mediatradecraft-com.videoplayerhub.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
17    69.16.175.10 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net
cdn02.cdn.justjared.com
cdn01.cdn.justjaredjr.com
cdn02.cdn.justjaredjr.com
cdn03.cdn.justjaredjr.com
1    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
s.skimresources.com
1    52.222.174.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-42.cdg50.r.cloudfront.net
b.scorecardresearch.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
2    18.196.163.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-163-197.eu-central-1.compute.amazonaws.com
message.sp-prod.net
1    143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net
js.gumgum.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    52.84.174.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-32.cdg50.r.cloudfront.net
get.s-onetag.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
2    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.238.106.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-106-121.compute-1.amazonaws.com
ccpa-service.sp-prod.net
4    2600:9000:218d:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    35.186.249.84 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 84.249.186.35.bc.googleusercontent.com
sulkycook.com
2    2606:4700:10::6814:a25 (United States)

ASN13335 (CLOUDFLARENET, US)
sac.ayads.co
geoworker.ayads.co
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    18.200.182.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
antenna.ayads.co
5    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
32    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    52.222.174.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-113.cdg50.r.cloudfront.net
sb.scorecardresearch.com
6    52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
g2.gumgum.com
ie-lb.gumgum.com
13    52.95.123.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    18.197.54.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
3    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
13    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    52.29.29.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-29-202.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    108.128.8.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
optchk.ayads.co
1    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
11    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
25    52.208.41.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
5    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
10    35.157.13.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-31.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
ads.avct.cloud
9    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
b1sync.zemanta.com
17    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
insticator-d.openx.net
2    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
13    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    54.175.176.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    35.157.116.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
9    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
10    185.29.133.208 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
51    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
24    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    208.100.17.172 (United States)

ASN32748 (STEADFAST, US)
ssc-cms.33across.com
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
3    52.84.186.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-186-116.cdg50.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
10    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2606:4700::6812:417 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
4    52.222.174.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-116.cdg50.r.cloudfront.net
dfp-gateway.s-onetag.com
2    2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    52.44.237.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-237-179.compute-1.amazonaws.com
track1.aniview.com
3    52.222.174.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-75.cdg50.r.cloudfront.net
check.analytics.rlcdn.com
3    54.85.196.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
1x1.a-mo.net
46    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    52.222.174.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-121.cdg50.r.cloudfront.net
s.ad.smaato.net
6    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    88.214.206.247 (United Kingdom)

ASN- ()
cs.admanmedia.com
3    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
casale-match.dotomi.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN- ()
ad.turn.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
21    18.197.137.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
8    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN- ()
pixel.quantserve.com
8    151.101.14.49 (Frankfurt am Main, Germany)

ASN- ()
sync-tm.everesttech.net
3    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnx.tribalfusion.com
3    54.228.36.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-36-200.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    3.120.68.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
t.myvisualiq.net
2    213.254.244.24 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
5    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
googleads.g.doubleclick.net
12    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    35.178.117.251 (London, United Kingdom)

ASN- ()
PTR: ec2-35-178-117-251.eu-west-2.compute.amazonaws.com
aa.agkn.com
2    35.156.153.71 (Frankfurt am Main, Germany)

ASN- ()
pixel.advertising.com
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 144.25.120.34.bc.googleusercontent.com
public-prod-dspcookiematching.dmxleo.com
4    18.157.108.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prebid-a.rubiconproject.com
3    2600:9000:218c:d200:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN- ()
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
12    3.216.185.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
geoip.insticator.com
b2c.insticator.com
event.insticator.com
cms.insticator.com
4    151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
8    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
20    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    185.94.180.126 (United States)

ASN- ()
sync.search.spotxchange.com
2    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    3.127.92.82 (Frankfurt am Main, Germany)

ASN- ()
pm.w55c.net
4    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    154.59.122.79 (United States)

ASN- ()
ums.acuityplatform.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2600:9000:218c:be00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
prebid.technoratimedia.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    2600:9000:2156:6c00:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)
dh014lg6uwepv.cloudfront.net
6    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    213.155.156.166 (Sweden)

ASN- ()
d5p.de17a.com
14    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
8    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    51.210.112.63 (France)

ASN- ()
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
6    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    199.232.82.2 (Marseille, France)

ASN54113 (FASTLY, US)
media1.giphy.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
id.rlcdn.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    52.73.31.234 (Ashburn, United States)

ASN- ()
px.britepool.com
1    3.226.4.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
thrtle.com
5    51.89.21.8 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
4    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
id.crwdcntrl.net
1    52.44.64.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    54.78.251.22 (Dublin, Ireland)

ASN- ()
d.adroll.com
14    52.49.238.187 (Dublin, Ireland)

ASN- ()
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    35.210.178.101 (Brussels, Belgium)

ASN- ()
a.volvelle.tech
1    35.186.193.173 (Kansas City, United States)

ASN- ()
cm.ctnsnet.com
2    52.212.101.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    85.114.159.93 (Germany)

ASN- ()
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    185.86.137.110 (France)

ASN- ()
rtb-csync.smartadserver.com
4    35.201.96.126 (Kansas City, United States)

ASN- ()
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
4    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadm.exelator.com
2    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
4    94.130.16.67 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: veramedia1.timmeserver.de
assets.bly.ch
8    34.96.87.151 (Kansas City, United States)

ASN- ()
impch.tradedoubler.com
impfr.tradedoubler.com
6    52.222.174.58 (United States)

ASN16509 (AMAZON-02, US)
img.tradedoubler.com
4    84.200.5.215 (Germany)

ASN- ()
cct.connects.ch
cct.shop.post.ch
2    5.148.168.135 (Zurich, Switzerland)

ASN- ()
PTR: adresult08.nine.ch
tracking.adtracker.ch
6    2a00:17c8:0:103::20a (Bern, Switzerland)

ASN12511 (CH-POSTNETZ Post CH AG, CH)
www.post.ch
4    2a01:ab20:0:203::1:245 (Switzerland)

ASN47302 (CYON, CH)
campaigns.cembra.ch
2    52.222.174.102 (United States)

ASN16509 (AMAZON-02, US)
vht.tradedoubler.com
1    35.190.0.66 (Kansas City, United States)

ASN- ()
ads.travelaudience.com
1    139.162.84.221 (Tokyo, Japan)

ASN- ()
PTR: li1564-221.members.linode.com
a.c.appier.net
4    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    37.9.245.57 (Russian Federation)

ASN- ()
google.ops.beeline.ru
1    35.205.207.25 (Brussels, Belgium)

ASN- ()
ads.avads.net
2    18.193.144.52 (Frankfurt am Main, Germany)

ASN- ()
a.sportradarserving.com
9    35.156.245.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
13    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    162.55.6.212 (Germany)

ASN- ()
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
2    87.98.228.78 (Spain)

ASN- ()
PTR: ip78.ip-87-98-228.eu
green.erne.co
3    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    52.204.206.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
2    34.98.107.212 (Kansas City, United States)

ASN- ()
ads.playground.xyz
4    37.252.172.36 (Frankfurt am Main, Germany)

ASN- ()
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
connect-metrics-collector.s-onetag.com
2    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
us-u.openx.net
2    52.17.54.18 (Dublin, Ireland)

ASN- ()
dpm.demdex.net
4    51.83.106.180 (Peyrestortes, France)

ASN- ()
cookie-matching.mediarithmics.com
2    3.123.96.39 (Frankfurt am Main, Germany)

ASN- ()
ads.creative-serving.com
2    162.210.196.208 (Falls Church, United States)

ASN- ()
sync.aralego.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
Apex Domain
Subdomains		 Transfer
81 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
319 KB
80 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
361 KB
60 justjared.com
justjared.com
www.justjared.com
cdn01.cdn.justjared.com
cdn02.cdn.justjared.com
cdn03.cdn.justjared.com
cdn04.cdn.justjared.com
1 MB
49 tribalfusion.com
a.tribalfusion.com
cdnx.tribalfusion.com
s.tribalfusion.com
93 KB
46 googlesyndication.com
tpc.googlesyndication.com
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
pagead2.googlesyndication.com
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
334 KB
39 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
94 KB
37 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
as-sec.casalemedia.com
dsum.casalemedia.com
45 KB
33 rubiconproject.com
ads.rubiconproject.com
prebid-server.rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
prebid-a.rubiconproject.com Failed
pixel-eu.rubiconproject.com
token.rubiconproject.com
165 KB
32 gumgum.com
js.gumgum.com
g2.gumgum.com
rtb.gumgum.com
ie-lb.gumgum.com
48 KB
31 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
49 KB
24 3lift.com
tlx.3lift.com
eb2.3lift.com
10 KB
23 adform.net
c1.adform.net
track.adform.net
s1.adform.net
81 KB
21 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
10 KB
19 bidswitch.net
x.bidswitch.net
6 KB
17 adsrvr.org
match.adsrvr.org Failed
7 KB
17 cloudfront.net
d188m5xxcpvuue.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
309 KB
16 tradedoubler.com
impch.tradedoubler.com
img.tradedoubler.com
impfr.tradedoubler.com
vht.tradedoubler.com
60 KB
14 bidr.io
match.prod.bidr.io
6 KB
12 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
cms.insticator.com
26 KB
12 cloudflareinsights.com
static.cloudflareinsights.com
60 KB
11 google.com
www.google.com
adservice.google.com
2 KB
10 googletagservices.com
www.googletagservices.com
336 KB
10 everesttech.net
sync-tm.everesttech.net
2 KB
10 mathtag.com
sync.mathtag.com
5 KB
10 openx.net
us-u.openx.net
insticator-d.openx.net
eu-u.openx.net
3 KB
9 ayads.co
sac.ayads.co
antenna.ayads.co
geoworker.ayads.co
optchk.ayads.co
96 KB
9 indexww.com
js-sec.indexww.com
21 KB
8 post.ch
cct.shop.post.ch
www.post.ch
3 KB
7 lijit.com
ap.lijit.com
ce.lijit.com
7 KB
7 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com Failed
signal-beacon.s-onetag.com Failed
dfp-gateway.s-onetag.com
connect-metrics-collector.s-onetag.com
14 KB
7 skimresources.com
s.skimresources.com
r.skimresources.com
t.skimresources.com
p.skimresources.com
22 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
275 KB
6 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
2 KB
6 criteo.com
dis.criteo.com
gum.criteo.com
mug.criteo.com
2 KB
6 1rx.io
sync.1rx.io
tag.1rx.io Failed
3 KB
6 quantserve.com
edge.quantserve.com
pixel.quantserve.com
20 KB
5 id5-sync.com
id5-sync.com
7 KB
5 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
5 KB
5 dotomi.com
amazon-tam-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
569 B
5 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com Failed
106 KB
5 zemanta.com
b1sync.zemanta.com
1 KB
5 rlcdn.com
api.rlcdn.com Failed
check.analytics.rlcdn.com
id.rlcdn.com
1 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com
2 KB
4 cembra.ch
campaigns.cembra.ch
3 KB
4 bly.ch
assets.bly.ch
1 KB
4 exelator.com
loadm.exelator.com
6 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 demdex.net
dpm.demdex.net Failed
3 KB
4 w55c.net
pm.w55c.net
3 KB
4 fastly.net
confiant-integrations.global.ssl.fastly.net
121 KB
4 turn.com
ad.turn.com
2 KB
4 google.ch
adservice.google.ch
1 KB
4 emxdgt.com
cs.emxdgt.com
hb.emxdgt.com Failed
475 B
4 contextweb.com
bh.contextweb.com
3 KB
4 360yield.com
ad.360yield.com
1 KB
4 technoratimedia.com
sync.technoratimedia.com
prebid.technoratimedia.com
ad-cdn.technoratimedia.com
6 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 creativecdn.com
creativecdn.com
1 KB
4 sulkycook.com
sulkycook.com
31 KB
4 quantcount.com
rules.quantcount.com
2 KB
4 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
3 KB
4 sp-prod.net
ccpa.sp-prod.net
message.sp-prod.net
ccpa-service.sp-prod.net Failed
19 KB
3 ad4m.at
ad4m.at
1 KB
3 bing.com
c.bing.com
959 B
3 adition.com
dsp.adfarm1.adition.com
2 KB
3 volvelle.tech
a.volvelle.tech
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 myvisualiq.net
t.myvisualiq.net
2 KB
3 krxd.net
beacon.krxd.net
1012 B
3 exponential.com
tags.expo9.exponential.com
43 KB
3 33across.com
ssc-cms.33across.com
ssc.33across.com Failed
3 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
3 smartadserver.com
www8.smartadserver.com
rtb-csync.smartadserver.com
2 KB
3 teads.tv
a.teads.tv
1 KB
3 a-mo.net
prebid.a-mo.net Failed
1x1.a-mo.net
265 B
3 google-analytics.com
www.google-analytics.com
19 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
26 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
3 justjaredjr.com
cdn01.cdn.justjaredjr.com
cdn02.cdn.justjaredjr.com
cdn03.cdn.justjaredjr.com
166 KB
3 privacy-mgmt.com
cdn.privacy-mgmt.com
68 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 aralego.net
cdn.aralego.net
2 KB
2 playground.xyz
ads.playground.xyz
728 B
2 audrte.com
a.audrte.com
2 KB
2 adgrx.com
cm.adgrx.com
816 B
2 erne.co
green.erne.co
651 B
2 loopme.me
csync.loopme.me
392 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 adtracker.ch
tracking.adtracker.ch
344 B
2 connects.ch
cct.connects.ch
333 B
2 simpli.fi
um.simpli.fi
1 KB
2 aralego.com
hb.aralego.com Failed
sync.aralego.com
781 B
2 fontawesome.com
use.fontawesome.com
85 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 advertising.com
pixel.advertising.com
693 B
2 doubleverify.com
tps.doubleverify.com
790 B
2 socdm.com
tg.socdm.com
2 KB
2 ipredictive.com
sync.ipredictive.com
856 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 avct.cloud
ads.avct.cloud
892 B
2 google.de
www.google.de
170 B
2 facebook.net
connect.facebook.net
67 KB
2 llnwi.net
tradecraft.s.llnwi.net
5 KB
1 mookie1.com
odr.mookie1.com
608 B
1 bttrack.com
bttrack.com
380 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 adkernel.com
dsp.adkernel.com
233 B
1 avads.net
ads.avads.net
428 B
1 beeline.ru
google.ops.beeline.ru
762 B
1 appier.net
a.c.appier.net
559 B
1 travelaudience.com
ads.travelaudience.com
609 B
1 ctnsnet.com
cm.ctnsnet.com
gcm.ctnsnet.com Failed
411 B
1 adroll.com
d.adroll.com
112 B
1 adentifi.com
rtb.adentifi.com
88 B
1 thrtle.com
thrtle.com
1 britepool.com
px.britepool.com
api.britepool.com Failed
650 B
1 giphy.com
media1.giphy.com
664 KB
1 districtm.io
dmx.districtm.io Failed
cdn.districtm.io
1 acuityplatform.com
ums.acuityplatform.com
609 B
1 bluekai.com
tags.bluekai.com
818 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
176 B
1 agkn.com
aa.agkn.com
328 B
1 crwdcntrl.net
bcp.crwdcntrl.net Failed
id.crwdcntrl.net
429 B
1 admanmedia.com
cs.admanmedia.com
416 B
1 smaato.net
s.ad.smaato.net
549 B
1 btloader.com
btloader.com
5 KB
1 videoplayerhub.com
mediatradecraft-com.videoplayerhub.com
733 B
1 googletagmanager.com
www.googletagmanager.com
35 KB
0 adhigh.net Failed
px.adhigh.net Failed
0 dyntrk.com Failed
c.eu1.dyntrk.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 webtradehub.com Failed
ssp-nj.webtradehub.com Failed
0 brand-display.com Failed
dmp.brand-display.com Failed
0 splicky.com Failed
bidswitch-eu.splicky.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 liadm.com Failed
idx.liadm.com Failed
757 141
Domain Requested by
51 cm.g.doubleclick.net 33 redirects rtb.gumgum.com
ap.lijit.com
aax-eu.amazon-adsystem.com
www.justjared.com
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
eb2.3lift.com
eu-u.openx.net
41 a.tribalfusion.com 6 redirects tags.expo9.exponential.com
a.tribalfusion.com
static.cloudflareinsights.com
32 tpc.googlesyndication.com sulkycook.com
securepubads.g.doubleclick.net
www.justjared.com
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
tpc.googlesyndication.com
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
26 ib.adnxs.com 9 redirects ads.rubiconproject.com
sac.ayads.co
df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
eb2.3lift.com
www.justjared.com
25 rtb.gumgum.com 1 redirects ads.rubiconproject.com
rtb.gumgum.com
aax-eu.amazon-adsystem.com
ads.pubmatic.com
24 ads.pubmatic.com rtb.gumgum.com
aax-eu.amazon-adsystem.com
d3lcz8vpax4lo2.cloudfront.net
ads.pubmatic.com
ads.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
23 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
21 eb2.3lift.com 6 redirects ads.rubiconproject.com
eb2.3lift.com
21 securepubads.g.doubleclick.net www.justjared.com
securepubads.g.doubleclick.net
www.googletagservices.com
a.tribalfusion.com
20 simage2.pubmatic.com 1 redirects ads.pubmatic.com
19 x.bidswitch.net 18 redirects www.justjared.com
17 match.adsrvr.org js-sec.indexww.com
ssum-sec.casalemedia.com
ads.rubiconproject.com
ads.pubmatic.com
eb2.3lift.com
eu-u.openx.net
14 match.prod.bidr.io 14 redirects
14 image2.pubmatic.com ads.pubmatic.com
14 cdn02.cdn.justjared.com www.justjared.com
13 pr-bh.ybp.yahoo.com 6 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
13 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
ssum-sec.casalemedia.com
ap.lijit.com
ads.pubmatic.com
13 cdn03.cdn.justjared.com www.justjared.com
13 cdn01.cdn.justjared.com www.justjared.com
12 static.cloudflareinsights.com a.tribalfusion.com
11 c1.adform.net 9 redirects ads.pubmatic.com
11 cdn04.cdn.justjared.com www.justjared.com
10 www.googletagservices.com securepubads.g.doubleclick.net
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
d3lcz8vpax4lo2.cloudfront.net
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
10 sync-tm.everesttech.net 10 redirects
10 sync.mathtag.com 10 redirects
9 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.justjared.com
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
9 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
eb2.3lift.com
9 secure.adnxs.com 9 redirects
9 c.amazon-adsystem.com www.justjared.com
c.amazon-adsystem.com
9 js-sec.indexww.com www.justjared.com
ads.rubiconproject.com
ssum-sec.casalemedia.com
df80k0z3fi8zg.cloudfront.net
8 track.adform.net 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
s1.adform.net
8 image6.pubmatic.com 3 redirects ads.pubmatic.com
8 www.justjared.com www.justjared.com
7 ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
7 prebid-server.rubiconproject.com ads.rubiconproject.com
www.justjared.com
rtb.gumgum.com
7 www.google.com 2 redirects www.justjared.com
tpc.googlesyndication.com
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
6 www.post.ch 4 redirects assets.bly.ch
6 img.tradedoubler.com 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
assets.bly.ch
6 impch.tradedoubler.com 6 redirects
6 fonts.gstatic.com fonts.googleapis.com
6 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
6 ups.analytics.yahoo.com 6 redirects
6 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
ads.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
6 sync.1rx.io 6 redirects
6 us-u.openx.net 3 redirects a.tribalfusion.com
eu-u.openx.net
6 pixel.rubiconproject.com 1 redirects a.tribalfusion.com
aax-eu.amazon-adsystem.com
6 antenna.ayads.co www.justjared.com
5 id5-sync.com 3 redirects ads.rubiconproject.com
www.justjared.com
5 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
www.justjared.com
5 s.tribalfusion.com 3 redirects a.tribalfusion.com
5 b1sync.zemanta.com 5 redirects
5 g2.gumgum.com js.gumgum.com
df80k0z3fi8zg.cloudfront.net
5 ad.doubleclick.net 2 redirects sulkycook.com
www.justjared.com
4 cookie-matching.mediarithmics.com 4 redirects
4 sync.go.sonobi.com 1 redirects www.justjared.com
4 campaigns.cembra.ch assets.bly.ch
4 assets.bly.ch s1.adform.net
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
4 loadm.exelator.com 2 redirects ads.pubmatic.com
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 visitor.fiftyt.com 4 redirects
4 s1.adform.net track.adform.net
s1.adform.net
4 simage4.pubmatic.com ads.pubmatic.com
4 acdn.adnxs.com ads.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
4 token.rubiconproject.com 4 redirects
4 mwzeom.zeotap.com ads.pubmatic.com
4 image4.pubmatic.com ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 dpm.demdex.net www.justjared.com
ssum-sec.casalemedia.com
4 ce.lijit.com ap.lijit.com
4 pm.w55c.net 4 redirects
4 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
www.justjared.com
confiant-integrations.global.ssl.fastly.net
4 prebid-a.rubiconproject.com ads.rubiconproject.com
4 pixel.quantserve.com 4 redirects
4 ad.turn.com 4 redirects
4 dfp-gateway.s-onetag.com get.s-onetag.com
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.ch securepubads.g.doubleclick.net
4 cs.emxdgt.com 2 redirects rtb.gumgum.com
4 bh.contextweb.com 4 redirects
4 ad.360yield.com 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 creativecdn.com 4 redirects
4 hbopenbid.pubmatic.com ads.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
4 fastlane.rubiconproject.com ads.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
4 sulkycook.com d188m5xxcpvuue.cloudfront.net
sulkycook.com
4 rules.quantcount.com 2 redirects www.justjared.com
4 d188m5xxcpvuue.cloudfront.net www.justjared.com
tradecraft.s.llnwi.net
d188m5xxcpvuue.cloudfront.net
3 eu-u.openx.net df80k0z3fi8zg.cloudfront.net
eu-u.openx.net
3 ad4m.at ads.pubmatic.com
ssum-sec.casalemedia.com
3 c.bing.com eb2.3lift.com
3 dsp.adfarm1.adition.com 3 redirects
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 a.volvelle.tech 3 redirects
3 pixel.onaudience.com 3 redirects
3 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
3 d3lcz8vpax4lo2.cloudfront.net www.justjared.com
d3lcz8vpax4lo2.cloudfront.net
3 t.myvisualiq.net 1 redirects www.justjared.com
3 beacon.krxd.net www.justjared.com
a.tribalfusion.com
3 cdnx.tribalfusion.com www.justjared.com
a.tribalfusion.com
3 ap.lijit.com 2 redirects aax-eu.amazon-adsystem.com
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
3 1x1.a-mo.net www.justjared.com
3 check.analytics.rlcdn.com ads.rubiconproject.com
3 track1.aniview.com www.justjared.com
player.aniview.com
3 tags.expo9.exponential.com securepubads.g.doubleclick.net
3 d2na2p72vtqyok.cloudfront.net securepubads.g.doubleclick.net
www.justjared.com
3 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ssc-cms.33across.com rtb.gumgum.com
df80k0z3fi8zg.cloudfront.net
3 sync.targeting.unrulymedia.com 3 redirects
3 a.teads.tv ads.rubiconproject.com
3 tlx.3lift.com ads.rubiconproject.com
3 htlb.casalemedia.com ads.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
3 sb.scorecardresearch.com 1 redirects www.justjared.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cdn.privacy-mgmt.com www.justjared.com
cdn.privacy-mgmt.com
2 sync.aralego.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
cdn.aralego.net
2 ads.playground.xyz 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com ads.pubmatic.com
2 green.erne.co 2 redirects
2 csync.loopme.me 2 redirects
2 a.sportradarserving.com 2 redirects
2 vht.tradedoubler.com 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
2 impfr.tradedoubler.com 2 redirects
2 tracking.adtracker.ch 2 redirects
2 cct.shop.post.ch 2 redirects
2 cct.connects.ch 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 aud.pubmatic.com ads.pubmatic.com
2 rtb-csync.smartadserver.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 mug.criteo.com www.justjared.com
2 gum.criteo.com 1 redirects
2 um.simpli.fi ads.pubmatic.com
2 spl.zeotap.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 googleads.g.doubleclick.net aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
2 aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 dh014lg6uwepv.cloudfront.net www.justjared.com
2 use.fontawesome.com www.justjared.com
use.fontawesome.com
2 fonts.googleapis.com www.justjared.com
tpc.googlesyndication.com
2 ads.yahoo.com a.tribalfusion.com
aax-eu.amazon-adsystem.com
2 sync.search.spotxchange.com 2 redirects
2 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 pixel.advertising.com 2 redirects
2 tps.doubleverify.com www.justjared.com
2 player.aniview.com d2na2p72vtqyok.cloudfront.net
player.aniview.com
2 tg.socdm.com 2 redirects
2 sync.technoratimedia.com rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ads.avct.cloud 2 redirects
2 www.google.de www.justjared.com
2 stats.g.doubleclick.net www.google-analytics.com
2 p.skimresources.com www.justjared.com
2 t.skimresources.com www.justjared.com
s.skimresources.com
2 r.skimresources.com 1 redirects www.justjared.com
2 get.s-onetag.com 1 redirects www.justjared.com
2 connect.facebook.net www.justjared.com
connect.facebook.net
2 platform.twitter.com www.justjared.com
platform.twitter.com
2 message.sp-prod.net ccpa.sp-prod.net
2 edge.quantserve.com www.justjared.com
2 tradecraft.s.llnwi.net www.justjared.com
1 odr.mookie1.com ads.pubmatic.com
1 bttrack.com ssum-sec.casalemedia.com
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 ad-cdn.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 cdn.districtm.io df80k0z3fi8zg.cloudfront.net
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 dsp.adkernel.com 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
1 ads.avads.net 1 redirects
1 google.ops.beeline.ru 1 redirects
1 a.c.appier.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 d.adroll.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 id.crwdcntrl.net ads.pubmatic.com
1 thrtle.com www.justjared.com
1 px.britepool.com 1 redirects
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 media1.giphy.com www.justjared.com
1 pixel-eu.rubiconproject.com 1 redirects
1 cms.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 as-sec.casalemedia.com js-sec.indexww.com
1 ie-lb.gumgum.com www.justjared.com
1 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 prebid.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 ums.acuityplatform.com 1 redirects
1 tags.bluekai.com 1 redirects
1 public-prod-dspcookiematching.dmxleo.com a.tribalfusion.com
1 aa.agkn.com 1 redirects
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 cs.admanmedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 www8.smartadserver.com sac.ayads.co
1 optchk.ayads.co sac.ayads.co
1 geoworker.ayads.co sac.ayads.co
1 syndication.twitter.com platform.twitter.com
1 api.rlcdn.com js-sec.indexww.com
ads.rubiconproject.com
1 sac.ayads.co d188m5xxcpvuue.cloudfront.net
1 ccpa-service.sp-prod.net ccpa.sp-prod.net
1 ads.rubiconproject.com tradecraft.s.llnwi.net
1 ajax.googleapis.com www.google.com
1 js.gumgum.com www.justjared.com
1 b.scorecardresearch.com www.justjared.com
1 s.skimresources.com www.justjared.com
1 cdn03.cdn.justjaredjr.com www.justjared.com
1 cdn02.cdn.justjaredjr.com www.justjared.com
1 cdn01.cdn.justjaredjr.com www.justjared.com
1 btloader.com www.justjared.com
1 mediatradecraft-com.videoplayerhub.com 1 redirects
1 www.gstatic.com www.justjared.com
1 ccpa.sp-prod.net www.justjared.com
1 www.googletagmanager.com www.justjared.com
1 justjared.com 1 redirects
0 px.adhigh.net Failed 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
0 c.eu1.dyntrk.com Failed 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
0 gcm.ctnsnet.com Failed 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
0 google2waycm.netmng.com Failed 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
0 pixel-sync.sitescout.com Failed ads.pubmatic.com
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 api.britepool.com Failed ads.pubmatic.com
0 ssp-nj.webtradehub.com Failed www.justjared.com
0 tag.1rx.io Failed df80k0z3fi8zg.cloudfront.net
0 hb.emxdgt.com Failed df80k0z3fi8zg.cloudfront.net
0 ssc.33across.com Failed df80k0z3fi8zg.cloudfront.net
0 hb.aralego.com Failed df80k0z3fi8zg.cloudfront.net
0 dmx.districtm.io Failed df80k0z3fi8zg.cloudfront.net
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 bcp.crwdcntrl.net Failed ssum-sec.casalemedia.com
0 bidswitch-eu.splicky.com Failed rtb.gumgum.com
0 go1.aniview.com Failed player.aniview.com
0 p.rfihub.com Failed rtb.gumgum.com
0 match.deepintent.com Failed rtb.gumgum.com
0 prebid.a-mo.net Failed ads.rubiconproject.com
0 signal-beacon.s-onetag.com Failed get.s-onetag.com
0 onetag-geo.s-onetag.com Failed get.s-onetag.com
0 idx.liadm.com Failed js-sec.indexww.com
757 241

This site contains links to these domains. Also see Links.

Domain
www.tmz.com
twitter.com
www.justjaredjr.com
toofab.com
www.vogue.com
www.toofab.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.privacy-mgmt.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.sp-prod.net
R3		 2021-05-08 -
2021-08-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-06 -
2021-10-06		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2020-09-10 -
2021-10-12		 a year crt.sh
*.gumgum.com
Amazon		 2020-11-14 -
2021-12-13		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
sulkycook.com
R3		 2021-05-15 -
2021-08-13		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.ayads.co
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-08-04		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
teads.tv
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.google.ch
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
analytics.rlcdn.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.a-mo.net
Amazon		 2020-08-24 -
2021-09-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.myvisualiq.net
Go Daddy Secure Certificate Authority - G2		 2020-12-12 -
2022-01-13		 a year crt.sh
*.doubleverify.com
Network Solutions OV Server CA 2		 2019-11-05 -
2021-12-13		 2 years crt.sh
dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2020-08-24 -
2021-08-24		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-27 -
2021-07-14		 2 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.giphy.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-03 -
2022-06-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
assets.bly.ch
R3		 2021-05-27 -
2021-08-25		 3 months crt.sh
*.tradedoubler.com
Amazon		 2021-01-27 -
2022-02-25		 a year crt.sh
www.post.ch
SwissSign Server Gold CA 2014 - G22		 2021-03-04 -
2022-03-04		 a year crt.sh
campaigns.cembra.ch
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh

This page contains 126 frames:

Primary Page: http://www.justjared.com/
Frame ID: 5B5B48EE70D2B82C93DAD4F46FB72184
Requests: 251 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.65127093553264
Frame ID: BFEB7CDD00DC978A1518C315E22FCCA4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Fwww.justjared.com
Frame ID: C1826AE891EC028AF987C6D865F52205
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 0E368578CB32E7DB445DF4B285854EB8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t
Frame ID: 3F7A3338855A01E273ECA6C680D04F63
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Frame ID: 62B71AE2A98AB3EF7483D48FAC08B717
Requests: 15 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Frame ID: E9E99277988173BC17009CA34E202A1C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4
Frame ID: E2C39617FF585E792FE8ACF6F688EE22
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=&google_tc=
Frame ID: D3BBA59BF2C693E21954CFD049B378B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0AC0EB9C591EB138FED95E59AC97F12F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 5B000E7791BDED062FF161032F2F490A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=d2513907-50a7-4b1a-a831-996b2a9a1e2d&t=1625876552
Frame ID: 79532A416D49CCDD07BEFF973EEB1B94
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 478FB9055F798631033F9840395C5012
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls5xYAAAAA
Frame ID: B8B92CCAD3274BAF1A31B4AAED988674
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=42796&in=1
Frame ID: 5BA41688181BEF9054CD084DE9D6B99F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=laNMGwN03LWN1DvJ87Kd&pi=gumgum
Frame ID: E2B13FFDBD6FA44C5F7455E17EA9C595
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhoXRMhBBu-K-Qr-JZdo_RsXrtV-pwgBtOB_quf6HrCmn99hbkOJMa7uuGmDFpafdxh1wxX-pr-TMPl9ex7YwrsCbxQ0QkbA8dnbPBY3gkvON6dpoEbafnjOJmnji6osL9K-1NACILgZpP7Cum-tgp5Co0J59UDO587YwFKfjabTUKnp7nxjGy1hQluXLvq6EH2UVSXl0IEUGv4iXsyiC9tGpPpIJ-6Pk4LHvX16O816R1INOtuEif3VfXd-NTjhAuOX9M5KPIcc-qRQMjiJu1iruNVyiz9WAF-WO1K1B5YQG2f4_3gjNSBfT9DyHfDJAZocE6kQ-we2cgwWH1n5NlhWzHhyChjji4uXo&sig=Cg0ArKJSzOLTa5PxsV2wEAE&urlfix=1&adurl=
Frame ID: 398474C8C02045C489FF150B14A84FD3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6nhwD3_BvzQxiQdhxjDmhhinNM8sv10lEXWtUWAJiQyH42P8IfqQzq8gQRxNAO4RDAfwQgJRqje2s78k-SjqjZalj1bjezrHQ8-BcMwR-BjBZ1TxG5gpwSoLW3hCtYizk21gWVFmI0PYYTJe7R8qYldSds5TLWRert77vsNcR5RTlpadSn5CuIgvsyG7dXVo_QStAjkdzbij3L69ZB7tDn6pCqbSrFwkyaws15RKOjp4tteOg9TD6swtPpkWFuYAJavZi1u-F-sAIwmJYIN6NTiHWb-8PfSuxnIehAERYQypR_B5-HQ0vWSqm-zgmI4mw7bQJyTmf2llOiWfltN_JsH6grZp4kFYojcy1qcMWkBWbSXJNAF0041gBDe4PRze-&sig=Cg0ArKJSzPg1GPDnieNMEAE&urlfix=1&adurl=
Frame ID: 927E80753BAAACA497F9D13A74915E7B
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ8stC-bJ1278OnbAB_KYJpKJrqvisNhhE8tqO2eTk3SWkmAwzLszewzqPfh5_B5-alU3yL-fbFdHTRTXFEy5-QVj5uX0vAEsAsO2XV4882B6SYy6baCfhu75eSUThrb8lkkHAoBtgJa_P8KJNiI6y69rLWBV1qagrJ8atSNi83IcVJk9tDmwTLQmE47oz8O4-AWUWeROVcKTKmbMCqAd8fsX37VzJk9jAr2uGWIniLI5Ee127XviEDfxt3CuVpT_uZn4yLAH8zGH1T_vOyTGQDCSvrGzWlnCwW8GDghQbcf1NwdmxE81a40aZr_gJ3l72JLFucghp5lh96-u9029O0E4wkFfmHI1nl4k3uWFqHFN0YRb5x59bmJbxenxBDvxO03XybnRhqdfGOYNd_Wkcjfs&sig=Cg0ArKJSzBj9kmuSGuKKEAE&urlfix=1&adurl=
Frame ID: 758EE66247E80EA382DD7B256553F47B
Requests: 13 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Frame ID: 7898E51F21EEE642700CD7136D43FEFC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Frame ID: C277C7B7B68347752BC9FC01CD7AF2D7
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: A4F76AF87094257989A82AA749D34756
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Frame ID: 20A2FAD0A74BD09DEB9CEAF10244C81F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Frame ID: D7D99E6A20C7DBE40360EF128560A143
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Frame ID: D283D051CB6B4AFFF11D047B0CD63982
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451&gdpr=0
Frame ID: 6F7A41B80A4A33079F61C22D41B986F0
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Frame ID: A80615A88A45C4AADC8F8F24122DFEBC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2390624913052329021
Frame ID: F43947D333E8DD5100AB2A24038E0607
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: 348812D13731B24D3AB1AE83FA88320B
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11905015314952651458
Frame ID: 85F66A4BAE8922E47EBBAE93874C4BD3
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=
Frame ID: D62D5942ED22C53153BFBFFA516E01D3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EEE11A135124A126F2D738AB6E8600BB
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: BB850FA80A147CF9648EF287E2372D92
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 310F398A076DC1D04EEB3DEB34533F33
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls504AAAAA
Frame ID: E0920DCF42BA97B38CA267CD4B40701C
Requests: 1 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=42796&in=1
Frame ID: 9A1231BA4528FF59770C1F6DBF3A19BA
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvdWVM22rToodItXTXn3d3ZdQVFZc4mQZamdApTHJ6YrnkXUbjXTeNRUJEWFJYVdYWmUYvPFjs1EMt5aFe4q3PmqMKXFUcWHJVoAnBnGrqmWnE2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWPvM3VQWYrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQqZcLLfX&mediaDataID=4056396&mediaName=frame.html
Frame ID: E180014157FD1FDE18970F822FFECE53
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY3XUrZcU66p2PrbPmjD3HrO0HnCndEv36YV5cr7UsQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPbExRH7kVcbP2FTrodiOXqXw3HMFPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEBAXUf6TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7tqmH7N&mediaDataID=5436426&mediaName=frame.html
Frame ID: B33F07F09D9EDD34AD11F908BFF7B8E9
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=apmTw7oTbD1rZb9UdJSnAQIpGUupt7C3Tr73dAy5A7ZbprMLXVnQXs3V1GFOpab33bFUTUvEWPnTPajSQsUrStjN1HfqVmYn3GBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo5mU05cjeVs3aUc78SmQOWWYRWrj22retVaQsWEJbSTYFSGQJRrZavSdjdVVYR5b6oodIo0aav2WYFPsFH4PJHmdXyVWZbZcXVrUt12ZatH&mediaDataID=6807466&mediaName=frame.html
Frame ID: FD4F5CA908024A771BA70BBF53A76BCE
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aqmTw7PHvdUVMV2Umsotus0qXO4tQBQVZbZa46vFodAtVWJaXrnbXFB91aIpPUUZcUbB0TdB3mbBxPrMyYT3q3Tjl4Tn4mEBKXbUhTtMWoA3ZdpGvwptMB5qMj2Hmr3AbGnbnHXVfX1sQ5XGbnmqjS5bYSTF7CVPU1QTY4PsZbtStZbr1dvpT6Qp3srXYFnBUPip2PnbRmnA2dnr1dnLnH2o36BY3snZdTUUVq6JEl0&mediaDataID=7665496&mediaName=frame.html
Frame ID: 02CCAD17B930CA7CC764D20C3A18FBD9
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=armTw74sY40UUKV6ys4Av7R6nA3tnr1dvAntim56YR3srbTsQcVsb8SPvyWWY4UbMY5rToWaMvVqBjQEYZbQVfJPFerRW3kVsb35r6qodAn0qmp3WrEPsJF5AJZamdEyTHFeXrfi1FZbgXaeMSF3AWb32TtY1nbbqQFJnXTFs3TZba4q7YoTJI1FJ7WWFUn6fIpG3tmWbD3qnh2HAr56vGprbE0GrOYUYjvto2Jw&mediaDataID=8039566&mediaName=frame.html
Frame ID: 58AC1B2F17AAF04E611F3FAE13615489
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=asmTw71rZb8WHbSn67KnGrpmH3G5Trf2HIN5PJEnrMZd0GnUYs331V7nmTFP5bY5VrnHUPf4PTrQQGFOQdZbMYtBpVPrO2cMWYUZbBUAir2PvcR6bK2WFp0tvJmW2v363Y5cvfTsJlUsfhPPYoTHQPWF755bZaqVaYsWEr6PEBZdQVJCPbuoPHUiVsrP5FupnHqs0qTN4tfFQsJG5AvZaoHXyVWQh0brLYcFXsPCYuK&mediaDataID=6347136&mediaName=frame.html
Frame ID: 77192B96B17AF55B6FA961D14BA1E31D
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=atmTw7UVMT2FunmHAMYT6w4drEPsBA2AnHoteNTWJ60bn7YFBe1qiMSbrDWb3PVHJ4obYnPFbNYaZbN5EZbi2aYYmajEYbfhWWM0nmfZcpGUqmHnJ3a3e3Wet4mvZbprvEXVMYYsFTXVjupTb42rQQTrjBUAnXQTQ4PsnoPdUOYt7uVmbu4srUXrMJTm2o5mZb7R6BH4HBr0dMKmWiv5ABY3sjgVcUIWU7YmAmwed&mediaDataID=2713736&mediaName=frame.html
Frame ID: DF73A9DAB47675FA4BF923911EB4AAEB
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aumTw70UUIVmqn2AU7P6jD4Wvo1WrKmdao5mn15sr7VcQ8WsbfSA3oTdvSWF7S3r2nUabpVEYlQqJHSGJKRrAoRtn6WG3T4r6vnWqm0q2M4dMZdPsfG4PrLpWXtVWZbhXrMjYFY7Xq6qPbUZbTrU4THUXorBtQFBnXTvp4EUk2avRmEMD1r7fTdFPmm7Jmc7pmHUE5TBh3HZaq4mJZbnUbE0Gf01cYp0rbKtUAuAt&mediaDataID=6530936&mediaName=frame.html
Frame ID: 153B6E7A911B2FEF5005468DB1D2681C
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=avmTw7WHbSoAnKpVrsmWbA5Evi5dep4ABGnbUGXGnQ1c3Y0V7wmE742UvRTrjZbWP73RTj1Qs3MQW3t1d7mT63u2GQYXFrITPiu56ZbdR6JE4WUO1d3Kmtem4PBR3sngTs3kWsM6PAQxWdY3TUf35UAtUqMrWEM6PEMKRGQIRr6vRW7dUVQ55bXqnHZaMYTew4dYCSVvG4ArZbpWetTtQh0bfk1UFG0WeGq8wobC&mediaDataID=6546596&mediaName=frame.html
Frame ID: 307A2AFC07BA03AA8091C319B7E57C61
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur9kLoRr-laqiisyPqIel3Yx54xzyFCyzPdesmazFveH88qiJlogZUpUK0eC8eUNiUuZ44gERDnngyfpwCjZf0MvG54OM4hp2otYJfN4VxDk_FdKsIkYyJbwJNz4b2JS8t80DBwJRcG9bEZCt2Pxq2RafdUlcDJrEBBytO969-OEihYfvxlbf867jmO6zolDR53n5z4nRsvUkzzyBeqUcZUWLA281lYS8GiaJk3nMoVjI64PnvFXgp07m-ArFjrWM5mXXvXht3zWG9vW9DNcEdUzIxfaVfw7pzj3vcKIx1pE2Uhw07qB_zgpAtPhnJPhG96Cv9hQsvNP2ozuxMyywIYH-8stBbYtAfy6jiycf_sy1r-yBomiVVhMlLLMSnqQXiuI9bfAJtptB726SzPwXczu3Ha5zzYJY&sig=Cg0ArKJSzCx6NXQlb30VEAE&urlfix=1&adurl=
Frame ID: C77FCB1ADBA0ABDBC074F0217D70FE18
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC09k3ybMTlLwbbpYQe4r1k-wjdaniSgIiGc2xFl8GaifFDW__49R0kAqbgW4-idVuDvT40SYvmpf_U0RVsemCQcMc2h_rhV6uJ3kJQ0dbCkv9YwoNJE-bClFSEMAj8Bmct6Mvy2ySfzA9Kr1uspW90bNQabT7MqMT86m5qIbOp2u1v8Vy5mBAST855AJWzkTxL5JkWUIrcVV0zOQ5xymkKermCfRydYc_QAco2NJErD4XtBuANYfQYJ4DFbAuS2WJT_HLJcsyGBUmp2nHz1sJgRMuBCuf2_KZjLc9CYIw7jW7eH6GZnMeN3roB8Cr3ge64wbpSxp-uMChuhIlSiaxQMg8OnQ-5YtvbfDBYOVA68D6CQ&sig=Cg0ArKJSzKnlfXl0VBsQEAE&urlfix=1&adurl=
Frame ID: 9F27438371A9F43560F1E1EBEE71DB09
Requests: 2 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 80251A23D8A40887A45938290709C134
Requests: 1 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=ammTw72avYoTbAXUZbcWWfQoA7ImsQopHQJ3TM93ter3A7JnbMIXcn0XcvXXsbonavW5FZbVVU7ZcW6fVPTMYScrsQHFv1t7sTPbn3GB00UvZbVmqw56nhPAfJ3dZbqXW3AntIn5mB13cv9VcUjVGflP6YMWdUQTbJ52r6tVajpTTQlQEBZcQVbCRb6sPtjbVsbV2F2soturXETv3WUEQcrZa2mJHmdEYTaZbPyyA9Tg&mediaDataID=9148826&mediaName=frame.html
Frame ID: 8A2C12362E3BC5C267F06F4876E761A8
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvcWGQV5b2oodAyYTyy3W3ZdQVFZc4mQZamdApTHJdXFnkXUbjXTeNRrJEWFJYVdYWmUYvPFjs1EMt5aFe4av2oEMKXFUcWHJVoAnBmsMqpWQA2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWAUv4cn0YrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQpmFBjU&mediaDataID=6719746&mediaName=frame.html
Frame ID: 52FD9E65DE8B431E810A9E31FD51EB29
Requests: 4 HTTP requests in this frame

Frame: http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY5XbBBTmap2PrdPP7G4drO0HnCndEv36YV5crcTGQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPr6qRt7kVcbP2FTrodiOXq2N2HjHPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEfDXrF9TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7pM5wrX&mediaDataID=5207316&mediaName=frame.html
Frame ID: 2C92ED3F48E3E7355F577D8F0F97C5CC
Requests: 5 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Frame ID: EAC2BDEC0EF94FDE181FEA1009180854
Requests: 17 HTTP requests in this frame

Frame: http://edge.quantserve.com/quant.js
Frame ID: D7373926A38D7AF2E9129B1356F420E9
Requests: 2 HTTP requests in this frame

Frame: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DDEA5625E6591CCB9AB1372C2F1A453F
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html
Frame ID: 65C81361F5FD8C177363056BBB77FD4D
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1FD9D9E4758269B3E3C32363DF6C0DAE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 59054298807336574A42504453532319
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75409BE6A54034CEFAC6E1EF7B52E570
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: B5A032781A8F4B61E71948F3917FA979
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2804F92E2667D75F64BC57C752B97BB5
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE4729A890B65685EA2F8141EE444820
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DCB11B0EF0F0A6EF1DF79753BF148670
Requests: 22 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5
Frame ID: 635330BB4ADE51E8B3F5C6515A2106B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
Frame ID: F34BDE0C1A1783A65DC8B5B1796242A7
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3F67B129911C1BADAA2E8BBC4B8DC6B4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=243001C2-55CB-49FA-8475-D0132988CDB5
Frame ID: 38C3D3A7BE4324E324E14DF8FC2A3FD1
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EEF23F67B2E1F2965B207181AE3A3E9F
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1CAD0EB80BCCBBCBF617D4985000F27C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AFACECF7FC7939BCBE286709C6AE5A11
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 204E13C6833F602746FE89B7A6C352C1
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5015BEC3C207247CC9A39C38EB5EB8E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E224DB8DD9F32EFBEAF29E8D0C85BE9E
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4FD5812196C6FEE08B3EFF6863B9D0D3
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8559DCE706D5749D6977A3DC8427139E
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D9C687CB6F162ACD4C9758F0998286CB
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1DB14EF338741A374DDA0A12FA716F52
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5961E84045E4F6AE7D750E9B2712F9CE
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 91D3B8DC33B83A18FA5234E5532A3EEC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 64BC9CEA6FD6AD1685A1E1390F208062
Requests: 4 HTTP requests in this frame

Frame: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F63DB6F854595D2C6FFD2D3EE132799D
Requests: 18 HTTP requests in this frame

Frame: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 65533D5652A2F71E28F73E5463E56A49
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B2F4D8FFCC179EEC2960F2AA6FA32D09
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A3D077C02088B70BE21F3450AB75EAE7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0ED85CA595E8AF6651DA9AE30B1E1A97
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954097301878934
Frame ID: 597615095D4EA70A77425172A4B2270E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAzRk7BgrcAADMcIDorAA
Frame ID: D6DEB373F85788A520F8BA5478D15607
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=243001C2-55CB-49FA-8475-D0132988CDB5
Frame ID: B621FC02225ADCC94642675CEC0B74F4
Requests: 1 HTTP requests in this frame

Frame: https://www.post.ch/de/
Frame ID: A55B35A9644879830E0D16853E722A48
Requests: 1 HTTP requests in this frame

Frame: https://img.tradedoubler.com/images/inv.gif
Frame ID: 9A98256C6280823650DA1DFC09C91EFC
Requests: 1 HTTP requests in this frame

Frame: https://img.tradedoubler.com/images/inv.gif
Frame ID: 7F67D409B5A1A37BC84C0447C5B7043E
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Frame ID: 54E0CD71FE7CD68A819DA65DFD71FC58
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Frame ID: 298316013BD241AFC0424B4802DA31AA
Requests: 1 HTTP requests in this frame

Frame: https://www.post.ch/de/
Frame ID: 4B5E137E9E54845A09297B2EC8759616
Requests: 1 HTTP requests in this frame

Frame: https://img.tradedoubler.com/images/inv.gif
Frame ID: 7FD2D012A8462EF1CDA7829BDB659841
Requests: 1 HTTP requests in this frame

Frame: https://img.tradedoubler.com/images/inv.gif
Frame ID: 5F7188CFF7856A092AEEB8DE47DE1E05
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Frame ID: DE84C2B2CBAB3CD5EA78DE6FC834C1ED
Requests: 1 HTTP requests in this frame

Frame: https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Frame ID: 6471AA11F5BEDB6593825FE851927449
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A1CD3BD4E5276295A87268552F04012D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C369C741612E482F5F78D9F572E44F1
Requests: 9 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
Frame ID: 8E32486234903FE51C47114E56009E14
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 5E5B001A778E022E6930B75CFDF6E05C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
Frame ID: 7C2B71BA38CF0253E2ADC8229C6E885D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: D35CDD7F7E994F5AC03B77CDB4630DA1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6EEB3AAC8F87A262B583146091D863C6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ED22364EA2B5F831667398841449B970
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 009975162429AEB2F9B8C17438D6B2BB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 4FC7BCAA38E4B81CC111E9110CD58BE1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E4CE6C4C482EA8032B2AA844A5C46A6F
Requests: 2 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.1
Frame ID: B242997EA2DB6183857E82549F099B20
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 14C04E2D6EDE750324A2546AFB2D6F13
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9BF592FF7F03097525BBE131841817CA
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: A2EC466CA12158DC511168981179840F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 722CD73E2B1F883F9835DBCB7E2E32B0
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Frame ID: BC6BB949CBE19470BD915916422D6791
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4CC796F37510BD63CFF98F8EE2A841FA
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
Frame ID: 5159A89AB8ABD73C68B7BBAD261DB043
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
Frame ID: BEF6DA05F04DBBB5783C1BC857C6B912
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A6698111208A68252AE7C6E11C4F4FA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954144548550799
Frame ID: FA506C3AAE0A5A04EA64CE567C4D449D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOEE7BgrcAADLifD7mHw
Frame ID: 6AD849F3AE21ED82BE2C5096965936F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
Frame ID: 2B922CB23E2E443B6D9899E155D0A6ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 6C3738E8586405EDE37291BF04F252EB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&ex=pubmatic.com
Frame ID: DB0684E0800E6E0F2B43969FDB69CA2A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
Frame ID: F46BC72A1C125C528BCFAF5F5E4B95BE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: CFB462F8D4F8F61A29590F1C097D02B0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 612C7C48638D01F9CFEC6123154A6E4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://justjared.com/ HTTP 301
    http://www.justjared.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

757
Requests

78 %
HTTPS

24 %
IPv6

141
Domains

241
Subdomains

149
IPs

13
Countries

5648 kB
Transfer

16548 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://justjared.com/ HTTP 301
    http://www.justjared.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js
Request Chain 14
  • http://mediatradecraft-com.videoplayerhub.com/galleryloader.js HTTP 301
  • https://btloader.com/tag?h=mediatradecraft-com&upapi=true
Request Chain 79
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 83
  • http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js HTTP 301
  • https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Request Chain 86
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01F7SMS3H7ETN84587F046JJD6&persistence=1&checksum=a340d0aaebca6013d9b090cc6be777caebaa49ca5279bba7191da2479dea205a
Request Chain 95
  • http://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js HTTP 301
  • https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Request Chain 115
  • https://sb.scorecardresearch.com/b?c1=7&c2=31732370&c3=874156489745619&ns__t=1623284552080&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1623284552080&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9=
Request Chain 120
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t
Request Chain 156
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=0&gdpr_consent=&account=21666&us_privacy= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=21666&uid=KPQ5PKTL-V-4HSC&gdpr=0
Request Chain 157
  • https://creativecdn.com/cm-notify?pi=rp-pbserv HTTP 302
  • https://creativecdn.com/cm-notify?pi=rp-pbserv&tc=1 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rtbhouse&uid=laNMGwN03LWN1DvJ87Kd&pi=rp-pbserv&tc=1
Request Chain 161
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7761284304466057866
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0b002104-6c20-4d93-a3fa-bf91feb3dacd&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=28089516-6d3a-4447-b279-e92369718e38
Request Chain 163
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28tt8WV8RwTQ2LP4UAW-b9CNu2vzWeTXmTdzqcGo_M1Aq7oc5ViHhU2b-FCD_6sew2%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28tt8WV8RwTQ2LP4UAW-b9CNu2vzWeTXmTdzqcGo_M1Aq7oc5ViHhU2b-FCD_6sew2%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5af38b70-3836-4284-8717-31919a286191&obuid=ENC(tt8WV8RwTQ2LP4UAW-b9CNu2vzWeTXmTdzqcGo_M1Aq7oc5ViHhU2b-FCD_6sew2) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=d2513907-50a7-4b1a-a831-996b2a9a1e2d
Request Chain 164
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=529d47fe-bd6d-45db-887d-93fc7601f5b4
Request Chain 165
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-ada90c0d-ed01-46ed-43f4-368459c57f78$ip$185.156.175.107
Request Chain 166
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-4JiinnhE2pfiXALTIPn7HsKZ.M66Xzba6vvw~A
Request Chain 167
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=fc2d18db-c981-11eb-8083-5d9004511ec3
Request Chain 170
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 171
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
Request Chain 172
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8639096965 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d2513907-50a7-4b1a-a831-996b2a9a1e2d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003
Request Chain 173
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=7UuxSOkeBCcM&ev=1&pid=558355
Request Chain 175
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4 HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=&google_tc=
Request Chain 180
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=d2513907-50a7-4b1a-a831-996b2a9a1e2d&t=1625876552
Request Chain 182
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls5xYAAAAA
Request Chain 184
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=laNMGwN03LWN1DvJ87Kd&pi=gumgum
Request Chain 219
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5afd5761cde011039857
Request Chain 220
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=7761284304466057866&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=7761284304466057866brt44261623284553958665f1
Request Chain 225
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451&gdpr=0
Request Chain 227
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2390624913052329021
Request Chain 228
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Request Chain 229
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11905015314952651458
Request Chain 230
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=28089516-6d3a-4447-b279-e92369718e38
Request Chain 231
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4f726f1d-b263-4f7b-7a92-d1b0eef6745c$ip$185.156.175.107
Request Chain 232
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=fc3f1a55-c981-11eb-b51e-0b7b74916066
Request Chain 235
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 236
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
Request Chain 242
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls504AAAAA
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOWuD_KGZwqGHFpcTyVNtj4&google_cver=1
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMFbSGKU0Ksl.eiRobrDDQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhPXQd2pOKdVH6pCJNSVpw&google_cver=1&google_hm=2
Request Chain 249
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=X8pH7lyYEOZEmxLnD84Jul3LHL5EnxfmDclbhijA
Request Chain 250
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
Request Chain 265
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25815549.304512015;dc_trk_aid=497111762;dc_trk_cid=149936816;ord=500371489;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25815549.304512015;dc_pre=CJGHkZrmi_ECFTXXEQgdG9QMuw;dc_trk_aid=497111762;dc_trk_cid=149936816;ord=500371489;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 267
  • https://t.myvisualiq.net/impression_pixel?r=500371489&et=i&ago=212&ao=993&aca=25815549&si=6596925&ci=149936816&pi=304512015&ad=497111762&advt=9642282&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did=%pdevice=!;&pt=I HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=500371489&et=i&ago=212&ao=993&aca=25815549&si=6596925&ci=149936816&pi=304512015&ad=497111762&advt=9642282&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did=%pdevice=!;&pt=I
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662182946732675 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEPufMOzq1XtewYLe3Ou4nQw&google_cver=1&google_ula=2786954,0 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEPufMOzq1XtewYLe3Ou4nQw&google_cver=1&google_ula=2786954,0
Request Chain 279
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662182946732675 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b23&u=164900603813000002667 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b23&u=164900603813000002667
Request Chain 281
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662182946732675&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b22&u=18072662182946732675&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662182944508513
Request Chain 283
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662182946732675&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662182946732675&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662182946826614&expires=180
Request Chain 285
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662182946732675&_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662182946732675&_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662182946732675&_origin=1&redir=true&apid=UPf3c79711-c981-11eb-8a62-023b6a5161f8 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=UPf3c79711-c981-11eb-8a62-023b6a5161f8
Request Chain 287
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662182946732675&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662182946732675&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662182944329157
Request Chain 302
  • https://tags.bluekai.com/site/4229?id=18072662182946732675&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
  • https://a.tribalfusion.com/i.match?p=b3&u=Q0C2vy9999emuXaQ
Request Chain 304
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ac9b9233-0007-4413-985d-3df64c8f0cce HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662182946879246
Request Chain 306
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662182946732675&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&u=YMFbSGKU0Ksl.eiRobrDDQAA
Request Chain 319
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25944579.304320042;dc_trk_aid=496913219;dc_trk_cid=151507519;ord=500373157;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25944579.304320042;dc_pre=CNGLkZrmi_ECFYTnuwgdJcIHwA;dc_trk_aid=496913219;dc_trk_cid=151507519;ord=500373157;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=
Request Chain 331
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662182946732675%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662182946732675%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662182946732675&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=243001C2-55CB-49FA-8475-D0132988CDB5
Request Chain 333
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662182946732675&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662182946732675&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=f41743a1-c981-11eb-ae84-194044dd0506 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b19&u=f4174368-c981-11eb-ae84-194044dd0506
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=286l9JDr1LR8sY5&expires=30&ssp=fmx&bsw_param=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=28089516-6d3a-4447-b279-e92369718e38
Request Chain 339
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=laNMGwN03LWN1DvJ87Kd&pi=sovrn&gdpr_consent=&gdpr=0
Request Chain 340
  • https://ums.acuityplatform.com/tum?umid=27&uid=276ff8e138bba4aa5ae5ff82&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=584457098739
Request Chain 341
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=7UuxSOkeBCcM&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 342
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Mjc2ZmY4ZTEzOGJiYTRhYTVhZTVmZjgy&gdpr=0
Request Chain 396
  • http://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js HTTP 301
  • https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Request Chain 397
  • https://id5-sync.com/s/441/9.gif?puid=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=f0c200a6-600f-4ea8-afec-d51b7d80d7a2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/7/3.gif?puid=e531f6244b4306da9a81f2b632d62d5c&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/101/6/4.gif?puid=ae96d8df-dd82-41a7-9c09-d368d40f5de2&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/5/5.gif?puid=d9b2ee22-bd4e-44cc-8d37-5bb8ea643263&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F4%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F4%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/4/6.gif?puid=0b002104-6c20-4d93-a3fa-bf91feb3dacd&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/160/3/7.gif?puid=64758246895708994823274547570088186167&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/340/2/8.gif?puid=64758246895708994823274547570088186167&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F1%2F9.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 427
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 460
  • https://c1.adform.net/serving/cookie/match?party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5
Request Chain 461
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JDABwlXLSfqEddATKYjNtQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 465
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Request Chain 466
  • https://pixel.onaudience.com/?partner=214&mapped=243001C2-55CB-49FA-8475-D0132988CDB5 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=d2513907-50a7-4b1a-a831-996b2a9a1e2d&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=7f88407e40da51b1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=bc81cbd3-8650-4506-5257-d867b78f0833&reqId=df53c4e7-0b76-4aac-4e49-fe5feeaa48db&zcluid=7f88407e40da51b1&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECMENMpKIWhqbPkG_5hgx9A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=bc81cbd3-8650-4506-5257-d867b78f0833&reqId=df53c4e7-0b76-4aac-4e49-fe5feeaa48db&zcluid=7f88407e40da51b1&zdid=1332
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjQzMDAxQzItNTVDQi00OUZBLTg0NzUtRDAxMzI5ODhDREI1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYemLSCDKQv2Hg48g-Ga3w&google_cver=1
Request Chain 470
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=871952570536581476
Request Chain 472
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d2513907-50a7-4b1a-a831-996b2a9a1e2d
Request Chain 473
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7761284304466057866&gdpr=0&gdpr_consent=
Request Chain 477
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPQ5PKTL-V-4HSC&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 483
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiYTcyMmI3ZGNmZmJhYTgzZDVhNjU0Y2E0NzgyZTVjMGI1MWE1Nw&gdpr=0
Request Chain 485
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6axVIxVdwzQXCzRg553vow?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3480645534301063835
Request Chain 486
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Request Chain 487
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBvtNLj2TdZpBHqJS8qHSYs&google_cver=1
Request Chain 488
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPQ5PKTL-V-4HSC&sigv=1&esig=2~0f6014245fdab29106e168621d969a8ae7438d04&gdpr=0
Request Chain 489
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMFbSAABq73bxAA4&gdpr=0
Request Chain 490
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BRNVBLVEwtVi00SFND&gdpr=0
Request Chain 493
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.justjared.com%2F&domain=www.justjared.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Fbqv4Hw5TTVvTEQvTGJsMThSaGs0WUl3L2lnT1FoTTlBZ0xUczNRV0xlRmtGNWQxZ1htNnZrY0FGOGVqUjNqQklpd2VPbUsxRlVxTmtlRzRhU0FMUkZveWI1S2hNQ0x4c1lCemc5Tms5b0NPYjZGcEUvNTlWR01QQVBXZEFDcERNZTJKR2p2ZTFxa1lSbzhSR2xUQXczWnVzZ1N0Zy9Vc2QyTjRqQ21YbHR4Mkt1cUUwRXV0R3hZbDA5S0JjZ2dlNG1ETk9GYURKc3VEOXcxZlFMQWhJSWVSdmhXU0ZhdVZLekFNQ3hYV2tsNk1kVW5JPXw&cppv=2
Request Chain 494
  • https://px.britepool.com/new?partner_id=t HTTP 302
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=c65c9366-1668-4843-9797-e12d4835b04b
Request Chain 551
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Request Chain 553
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2390624913052329021
Request Chain 554
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Request Chain 556
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 557
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
Request Chain 558
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=871952570536581476&expiration=1624494166
Request Chain 560
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Request Chain 562
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAzRk7BgrcAADMcIDorAA&expiration=1624494163
Request Chain 563
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Request Chain 564
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
Request Chain 565
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
Request Chain 566
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=351e790b-e7f1-45ce-bc35-1fd259b31e21&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=28089516-6d3a-4447-b279-e92369718e38
Request Chain 570
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Request Chain 571
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA55E7BgrcAADM_IDorAA&expiration=1624494163
Request Chain 572
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Request Chain 573
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Request Chain 574
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85ccf6c4a7c34ec6b41e6bee6624d15c&expiration=1625876564 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85ccf6c4a7c34ec6b41e6bee6624d15c&expiration=1625876564&C=1
Request Chain 575
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMFbSGKU0Ksl.eiRobrDDQAA%261117?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMFbSGKU0Ksl.eiRobrDDQAA%261117
Request Chain 576
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370959
Request Chain 581
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954097301878934
Request Chain 582
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBNTVFN0JncmNBQURNX0lEb3JBQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA55E7BgrcAADM_IDorAA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3652133321888945880 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAzRk7BgrcAADMcIDorAA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3652133321888945880%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=3652133321888945880&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAzRk7BgrcAADMcIDorAA&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAzRk7BgrcAADMcIDorAA
Request Chain 584
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=243001C2-55CB-49FA-8475-D0132988CDB5&addseg=31
Request Chain 585
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=243001C2-55CB-49FA-8475-D0132988CDB5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=243001C2-55CB-49FA-8475-D0132988CDB5&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 587
  • https://loadm.exelator.com/load/?p=204&g=71&buid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 588
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=243001C2-55CB-49FA-8475-D0132988CDB5&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4qK6xF1E2uUxHQZgRUjO9OhRgItAAuA-~A&gdpr=0&gdpr_consent=
Request Chain 589
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o
Request Chain 590
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=0&user_id=&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28089516-6d3a-4447-b279-e92369718e38&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 591
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=
Request Chain 592
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2390624913052329021&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 601
  • https://impch.tradedoubler.com/imp?type(inv)g(24852340)a(3014885)&rnd=52959 HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 605
  • https://impch.tradedoubler.com/imp?type(inv)g(24852340)a(3014885)&rnd=65934 HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 609
  • https://cct.connects.ch/tpv.php?t=116404V1571145373M HTTP 302
  • https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1 HTTP 302
  • https://tracking.adtracker.ch/link/red/l/Mzg2?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2021061002224451320574857X116404V1571145373M HTTP 302
  • https://www.post.ch/?lea_source=2021061002224451320574857X116404V1571145373M HTTP 301
  • https://www.post.ch/de?lea_source=2021061002224451320574857X116404V1571145373M HTTP 301
  • https://www.post.ch/de/
Request Chain 610
  • https://impch.tradedoubler.com/imp?type(inv)g(24852354)a(3014885) HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 611
  • https://impch.tradedoubler.com/imp?type(inv)g(24936634)a(3014885) HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 614
  • https://cct.connects.ch/tpv.php?t=116404V1571145373M HTTP 302
  • https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1 HTTP 302
  • https://tracking.adtracker.ch/link/red/l/Mzg2?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2021061002224451320574859X116404V1571145373M HTTP 302
  • https://www.post.ch/?lea_source=2021061002224451320574859X116404V1571145373M HTTP 301
  • https://www.post.ch/de?lea_source=2021061002224451320574859X116404V1571145373M HTTP 301
  • https://www.post.ch/de/
Request Chain 615
  • https://impch.tradedoubler.com/imp?type(inv)g(24852354)a(3014885) HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 616
  • https://impch.tradedoubler.com/imp?type(inv)g(24936634)a(3014885) HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 619
  • https://impfr.tradedoubler.com/imp?type(img)g(24852340)a(3014885)266090059 HTTP 302
  • https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
Request Chain 622
  • https://impfr.tradedoubler.com/imp?type(img)g(24852340)a(3014885)978753824 HTTP 302
  • https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
Request Chain 626
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMl44P6AtI8a0ElkGh0w-s4&google_cver=1&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEovPkPUyRvwqar HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=86gANFKoRdeE3MKnqBXQfA2&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEovPkPUyRvwqar HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=86gANFKoRdeE3MKnqBXQfA2&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEovPkPUyRvwqar&google_tc=
Request Chain 627
  • https://a.c.appier.net/gcm?google_gid=CAESEHE6B-BW-BhlAnUInLHxq0k&google_cver=1&google_push=AYg5qPKHFFW9ToSZCRGZDkBcfQld7Nl3nGsxSFd2f7EJJMTHxZvZPSa3YAHnp24pqMnRzofKSSyqx7T4Ql6naMj2SBMPErSOZIfs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NTNfZlc2NS1BZ0tTcDR3R1VWdkJZQQ%3D%3D&google_push=AYg5qPKHFFW9ToSZCRGZDkBcfQld7Nl3nGsxSFd2f7EJJMTHxZvZPSa3YAHnp24pqMnRzofKSSyqx7T4Ql6naMj2SBMPErSOZIfs
Request Chain 628
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC0vcK4BSGVMzZYplP5D58Y&google_cver=1&google_push=AYg5qPIUZH67FP4Uwxik2i2YehuYnXHAx96_0mWxnAyhhUiEBny9fBisL--XxGJzPorCGtU04FdIjGKM6Z-iTBmRZxQG-2Q19rgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JDABwlXLSfqEddATKYjNtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIUZH67FP4Uwxik2i2YehuYnXHAx96_0mWxnAyhhUiEBny9fBisL--XxGJzPorCGtU04FdIjGKM6Z-iTBmRZxQG-2Q19rgg
Request Chain 629
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLSzG_Rjt4S21J0Kz6J-cY69RBAGGT40j5Rdyvkx-Ex_zhlVzGHIAxyqtrMtsfD7jW0PstBTfEOD-7jRkgJXb1-m3TIrUnf%26google_hm%3D%5BUID%5D&google_gid=CAESELf-aJgx5fl3rmwcu21vxCk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLSzG_Rjt4S21J0Kz6J-cY69RBAGGT40j5Rdyvkx-Ex_zhlVzGHIAxyqtrMtsfD7jW0PstBTfEOD-7jRkgJXb1-m3TIrUnf&google_hm=0c52e386-7a59-4db0-97c1-c504ee61acd4
Request Chain 630
  • https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESEPL8NOHdakge0blb7Ya_ssk&google_cver=1&google_push=AYg5qPKaMqFt0YlZv0bfcWJtngGbR0ZXGqAKWy89IFfKH3Lcvgx0Ey5lq2P-bwZc-NgCmhdo1XCIXV3ikge32tzJEoY6Mpf-1omWvQ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=ZGJiNWFkN2EtYmRiMy00OWM1LWFlZjItOGMxMjEwYmJkZDUz&google_push=AYg5qPKaMqFt0YlZv0bfcWJtngGbR0ZXGqAKWy89IFfKH3Lcvgx0Ey5lq2P-bwZc-NgCmhdo1XCIXV3ikge32tzJEoY6Mpf-1omWvQ
Request Chain 631
  • https://ads.avads.net/sync/ggl?google_gid=CAESEB_2dpuLi_E34Y-s20Of48Y&google_cver=1&google_push=AYg5qPJXdKprO1Mb3fpQNaMxW1zK1bCe7rA8zCBXLgSudLpECXdhXsdMX8PjraDTmgSvTJDcMNMSKlUq9NVkpT6tkMmJJxS4-TX4rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTRmNzgxMjktOGM5Yi00NTY3LTk5YmItOWQ3N2YxNzIyYzZm
Request Chain 634
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDdEKfLDmMA7g5prpd4HpBg&google_cver=1&google_push=AYg5qPKsDxLBuEIeFWNcRe0i4cYdXrhsc15yDpiPc8uxu9Rhs4T9mhxTq4HNQ1hFXnSnNl73hmYEf_oHkF073vF-RfqrqbCzP-I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk3MTk1NDA5NzMwMTg3ODkzNA%3D%3D&google_push=AYg5qPKsDxLBuEIeFWNcRe0i4cYdXrhsc15yDpiPc8uxu9Rhs4T9mhxTq4HNQ1hFXnSnNl73hmYEf_oHkF073vF-RfqrqbCzP-I
Request Chain 637
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMIzwOE8USa5qh4qspm3zQk&google_cver=1&google_push=AYg5qPLGSfmDd-7mQHXhstljfOI8Xbikn-_sE8pMcaJjwLEu2tXIpN8YjqN0YRaSU982026Y-AweF857zfBEVI3YFiE_07msFKlB HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3cdaff92-bc1b-44dd-978f-444a3f228382&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=YnHsMq1OQneQ7IReIj84tg== HTTP 302
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENLXMXZpmhOKb8JEaAlgkdg&google_cver=1
Request Chain 646
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 647
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
Request Chain 649
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11905015314952651458?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
Request Chain 650
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 651
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11905015314952651458 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Request Chain 652
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Request Chain 656
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 657
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
Request Chain 659
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11905015314952651458?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
Request Chain 660
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 661
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11905015314952651458 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Request Chain 662
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 666
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 667
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
Request Chain 669
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11905015314952651458?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
Request Chain 670
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
Request Chain 671
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11905015314952651458 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Request Chain 672
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 675
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003&rndcb=697988315 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8&google_hm=ZjhiNTU0YjMtZjZlMy00Njk5LWE5MDMtYWU3ZmJmZmM0ZWU4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHBB4ph9kt24-ghNj6RYlE0&google_cver=1&ssp=adconductor&bsw_param=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/f8b554b3-f6e3-4699-a903-ae7fbffc4ee8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
Request Chain 676
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 677
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
Request Chain 680
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=243001C2-55CB-49FA-8475-D0132988CDB5 HTTP 302
  • https://a.audrte.com/p
Request Chain 681
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1208692412575765778
Request Chain 696
  • https://id5-sync.com/s/441/9.gif?puid=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F8%2F2.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/349/8/2.gif?puid=50558326327517680903860398498804200514&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e531f6244b4306da9a81f2b632d62d5c&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F485%2F7%2F3.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/485/7/3.gif?puid=50558326327517680903860398498804200514&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEIoMqqOwyLIklYj1NfSMNpU&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIoMqqOwyLIklYj1NfSMNpU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEIoMqqOwyLIklYj1NfSMNpU%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4626903868815124967&opid=apx&ops=&utidl=tech:goo:CAESEIoMqqOwyLIklYj1NfSMNpU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17997186262&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
Request Chain 697
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=d2513907-50a7-4b1a-a831-996b2a9a1e2d&pubid=e315a43aa9
Request Chain 698
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=28cf2283-1a2e-4cf3-a403-5eef0743c4fe&ssp=sonobi&expires=30&user_group=5&bsw_param=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=28cf2283-1a2e-4cf3-a403-5eef0743c4fe&ssp=sonobi&expires=30&user_group=5&bsw_param=28089516-6d3a-4447-b279-e92369718e38 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6271ec32-ad4e-4277-90ec-845e223f38b6
Request Chain 699
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Request Chain 700
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/0c624eba-9f73-3486-9dca-63669b00d970?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CabvSpxE2oXshCcxgGhkjVJlao2luLy_w.LtuTA-~A&redirect= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MGM2MjRlYmEtOWY3My0zNDg2LTlkY2EtNjM2NjliMDBkOTcw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MGM2MjRlYmEtOWY3My0zNDg2LTlkY2EtNjM2NjliMDBkOTcw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png&google_tc= HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 703
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=121360c1-5b55-4300-8935-02b65d963cf4
Request Chain 704
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=i4aS7IjUxOiQgcS4idDc7NmFxOSQhpW_iIL3LGkT
Request Chain 705
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=871952570536581476
Request Chain 707
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODljZjMwNDQtNWMwZi0yMzI5LWZhZTYtZDlhODc0YjMzYTky HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODljZjMwNDQtNWMwZi0yMzI5LWZhZTYtZDlhODc0YjMzYTky&google_tc=
Request Chain 708
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2AIdOFZOZSgHrUFEBC-CM&google_cver=1
Request Chain 710
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMFbVHrq5gUsYcc01MhTygAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YMFbVHrq5gUsYcc01MhTygAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIfoGnPcWCBV80ZbTG4iA24&google_cver=1
Request Chain 711
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOl5XTczN-ALImftnCw1ir0&google_cver=1
Request Chain 712
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&dcc=t
Request Chain 714
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370965
Request Chain 715
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YMFbVgABq5SZtQA4 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbVgABq5SZtQA4&_test=YMFbVgABq5SZtQA4
Request Chain 722
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 725
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
Request Chain 726
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
Request Chain 727
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&gdpr=0&gdpr_consent=
Request Chain 728
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4150698187221535170
Request Chain 729
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiYSvuWiW7QobS4uxh0v84&google_cver=1
Request Chain 730
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b7ecffc-7e9a-4156-8cae-98b0d9533a0d
Request Chain 732
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1208692412575765778&gdpr=0&gdpr_consent=
Request Chain 733
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO
Request Chain 734
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954144548550799
Request Chain 735
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFT0VFN0JncmNBQURMaWZEN21Idw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEOEE7BgrcAADLifD7mHw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6768698747352176198 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEOEE7BgrcAADLifD7mHw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D6768698747352176198%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=6768698747352176198&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEOEE7BgrcAADLifD7mHw&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOEE7BgrcAADLifD7mHw
Request Chain 738
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5928506021 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3b7ecffc-7e9a-4156-8cae-98b0d9533a0d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
Request Chain 739
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 741
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=39JhVMr5SpukyAo5JMNlqA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=39JhVMr5SpukyAo5JMNlqA%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 742
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=409260c1-5b59-4e00-bfc4-0d5a16ea5ff6
Request Chain 743
  • https://pixel.onaudience.com/?partner=214&mapped=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=37ee5ff10918f95e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb5cc52b-e4f6-49ce-7156-b2452846b78c&reqId=02fba9d6-9bea-4f89-5932-46ef94741b31&zcluid=37ee5ff10918f95e&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEE-ni2XSprzXeRmh_TBGRwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb5cc52b-e4f6-49ce-7156-b2452846b78c&reqId=02fba9d6-9bea-4f89-5932-46ef94741b31&zcluid=37ee5ff10918f95e&zdid=1332
Request Chain 745
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hiYFRThE2uXs8g9PJkMpQcAQ6P.zI_s-~A&gdpr=0&gdpr_consent=
Request Chain 746
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 747
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YMFbWgABq7DLVgA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbWgABq7DLVgA4&gdpr=0&gdpr_consent=&_test=YMFbWgABq7DLVgA4
Request Chain 748
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3765948413551573858&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 756
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
Request Chain 759
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6430579671915000608
Request Chain 760
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&addseg=31
Request Chain 761
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 763
  • https://loadm.exelator.com/load/?p=204&g=71&buid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 764
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REZEMjYxNTQtQ0FGOS00QTlCLUE0QzgtMEEzOTI0QzM2NUE4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

757 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.justjared.com/
Redirect Chain
  • http://justjared.com/
  • http://www.justjared.com/
86 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
085ddb2ec0f17b64f0ab2964c9c51f6454e6a07364f91c5619fc28dccf457d2c

Request headers

Host
www.justjared.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Connection
Keep-Alive
Cache-Control
no-cache
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Last-Modified
Thu, 10 Jun 2021 00:18:38 +0000
Server
nginx
Vary
Cookie
Expires
Thu, 10 Jun 2021 00:22:29 GMT
NC
HIT
Access-Control-Allow-Origin
*
X-HW
1623284550.dop001.fr8.t,1623284550.cds007.fr8.sc,1623284550.cds007.fr8.p

Redirect headers

Server
awselb/2.0
Date
Thu, 10 Jun 2021 00:22:30 GMT
Content-Type
text/html
Content-Length
134
Connection
keep-alive
Location
http://www.justjared.com:80/
main.css
d188m5xxcpvuue.cloudfront.net/justjared/ 		667 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://d188m5xxcpvuue.cloudfront.net/justjared/main.css
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2600:9000:218d:1e00:0:bed9:b980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a8f070341d03be263cd2fdf329aca04efaa321be66b35175b84a660e26302bb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IaQ9Dv0dosgK_PGlSJ4CKQanBmowL8Vc
Via
1.1 c77cf9ec92c5b3b895af521940f61fb8.cloudfront.net (CloudFront)
ETag
"40c63a800a2e429207339487e6f1c054"
Age
2325
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
667
Last-Modified
Wed, 09 Jun 2021 18:43:42 GMT
Server
AmazonS3
Date
Wed, 09 Jun 2021 23:46:14 GMT
Content-Type
text/css
Cache-Control
max-age=3600
X-Amz-Cf-Pop
CDG50-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
NuyCvSnWjfJ_sBDUuQWhLwbk-b7XLBwRO8kBoGOvpyUTux63L2w7ew==
style.css
www.justjared.com/wp-content/themes/default/ 		36 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
52b04ccb62661945ee9f969429d41521a800ee9288acd4cb179f572787edfee7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.justjared.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.justjared.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
W/"60bf9ace-9167"
Transfer-Encoding
chunked
X-HW
1623284550.dop243.fr8.t,1623284550.cds233.fr8.sc,1623284550.cds233.fr8.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Expires
Thu, 17 Jun 2021 00:22:30 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-86316-1
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
438546ab319911389625ab2478027cbfbc8d5645c969131055f3ed8b2bd429b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35897
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 10 Jun 2021 00:22:30 GMT
wrapperMessagingWithoutDetection.js
cdn.privacy-mgmt.com/ 		151 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-106.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c4aa0b188daf9fb45476c3844b6fdb6be6f0d8b090c9be422684c9b94afba45

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 22:46:02 GMT
server
AmazonS3
age
3540
etag
W/"f51802d0b85b54ef3426c04411b09a6f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c77cf9ec92c5b3b895af521940f61fb8.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Wed, 09 Jun 2021 23:23:31 GMT
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
j-XV8n18FLRxLCIf8RyXnM-Tqg2Bp-a865e_Hvj6fzpwG6kZQT83lA==
ccpa.js
ccpa.sp-prod.net/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ccpa.sp-prod.net/ccpa.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-56.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc0fbadd0003a518363a079597843305fcab3a583fc69bb67f352c98e57b68a2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:16:28 GMT
content-encoding
gzip
last-modified
Wed, 26 May 2021 19:16:01 GMT
server
AmazonS3
age
363
etag
W/"7e503d9d7f98c42383dd12185af4fa97"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
t-Twd7FZnOjMQ-3XTEXrWfoNOOMkm6pojLp15rB1WPMPsliDKSlt0Q==
jjlib.js
tradecraft.s.llnwi.net/v1/pub/01/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tradecraft.s.llnwi.net/v1/pub/01/jjlib.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
CloudStorage /
Resource Hash
761c5d128949e6a0a3054e863c31bebc46866ec17538e8f4a6e78257b3864cdb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 14:15:00 GMT
Server
CloudStorage
Age
1086
Content-Type
application/javascript
X-Agile-Checksum
761c5d128949e6a0a3054e863c31bebc46866ec17538e8f4a6e78257b3864cdb
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4069
X-LLID
aeebde5d58b7bccf9a223bc33deb04f9
191040-27970744739601.js
js-sec.indexww.com/ht/p/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js-sec.indexww.com/ht/p/191040-27970744739601.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
15c2484e4c9d126e98adc14975ad47a6eb45e20b2a9f05d76412f0d7f84393ee

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 00:21:14 GMT
Server
Apache
ETag
"76412f-988f-5c45e5e7f826b"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
13167
Expires
Thu, 10 Jun 2021 01:22:31 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		123 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:13:26 GMT
Content-Encoding
gzip
Age
543
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Timing-Allow-Origin
*
Server
Server
ETag
c457e964d47ff007ca9e04843536c474
x-amz-version-id
Jwh5QR0v6YiK3IJ9r6Bka1yZ2ycEMCFp
Via
1.1 3927bf0011a2eb853e62f4b12f7ba87f.cloudfront.net (CloudFront)
Cache-Control
public, max-age=900
X-Amz-Cf-Pop
CDG50-P2
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
UsKcefNkH4576BotWV2NV_A8c-_CNZYJY_KpaxXzf0B12Dx7SzTBrQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
3f3bd411e584342f97dd415f4b53a585b1c7e2a4ff7ce59c152d5df767e5cc91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"898 / 858 of 1000 / last-modified: 1623280302"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21287
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:30 GMT
pagenavi-css.css
www.justjared.com/wp-content/plugins/pagenavi/ 		1 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/plugins/pagenavi/pagenavi-css.css
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
85f2debf26ab62202bca8710e8050b38ff8254bc3cca4a9de1318092b8854fd2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.justjared.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.justjared.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
W/"60bf9ace-55d"
Transfer-Encoding
chunked
X-HW
1623284550.dop232.fr8.t,1623284550.cds221.fr8.sc,1623284550.cds221.fr8.p
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Expires
Thu, 17 Jun 2021 00:22:30 GMT
loader.js
www.gstatic.com/charts/
Redirect Chain
  • http://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
65 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 23:36:28 GMT
x-content-type-options
nosniff
age
2762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66641
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 17:45:29 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 10 Jun 2021 00:36:28 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:02:55 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
1175
Content-Type
text/html; charset=UTF-8
Location
https://www.gstatic.com/charts/loader.js
Cache-Control
public, max-age=1800
Content-Length
237
X-XSS-Protection
0
Expires
Thu, 10 Jun 2021 00:32:55 GMT
jquery.mobile.custom.swipe.min.js
www.justjared.com/wp-content/themes/default/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/themes/default/js/jquery.mobile.custom.swipe.min.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
3dd3eddc67a3bcd0b6d9785767b3096b2fbeb7f12347dccd755e3cd6be0a712b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.justjared.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.justjared.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-22e2"
Transfer-Encoding
chunked
X-HW
1623284550.dop209.fr8.t,1623284550.cds247.fr8.sc,1623284550.cds247.fr8.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Thu, 17 Jun 2021 00:22:30 GMT
jj-mobile.js
www.justjared.com/wp-content/themes/default/js/ 		424 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.justjared.com/wp-content/themes/default/js/jj-mobile.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
d533d520a7bc97bbb3f7eb3fdbbe4a9a0e42495c5fd6cd3c0adaec0f07f4dc4c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.justjared.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.justjared.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-1a8"
Transfer-Encoding
chunked
X-HW
1623284550.dop243.fr8.t,1623284550.cds103.fr8.sc,1623284550.cds103.fr8.p
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Expires
Thu, 17 Jun 2021 00:22:30 GMT
jjh.js
tradecraft.s.llnwi.net/v1/pub/01/ 		354 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
CloudStorage /
Resource Hash
fce4d55d2141dd9c259cdca934ff21faf514f6f45f7c025e91b9b5abe699d564

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 06 May 2021 21:55:41 GMT
Server
CloudStorage
Age
36235
Content-Type
application/javascript
X-Agile-Checksum
fce4d55d2141dd9c259cdca934ff21faf514f6f45f7c025e91b9b5abe699d564
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
354
X-LLID
ab6e77995bfed5ef12dd1eb9b474a30f
tag
btloader.com/
Redirect Chain
  • http://mediatradecraft-com.videoplayerhub.com/galleryloader.js
  • https://btloader.com/tag?h=mediatradecraft-com&upapi=true
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=mediatradecraft-com&upapi=true
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4376199dd0df8fd1a4e4f6654f329ca7520cec6bdd20fbdee7e759aa6a5b6bf4

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2141
content-encoding
br
cf-request-id
0a94e5a4ec00001f5521008000000001
server
cloudflare
etag
W/"005dc0697e7750325dc26f32a7b42f59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hPrePFMPYSi4Sq7E%2Bp5uu%2Bmi%2BFlm62aZuTO3Wr08x1DYG%2FXKoTmnFZrBLikSEZPzjis8%2FQmLNAkf4ahLIAilQLFka5Qg9CsJhxkrKhoemJhm0vnD7NUizavw%2Fm4hp7djuXd9D8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
65ce721b1cbd1f55-FRA

Redirect headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mN0d%2B%2BvlDOH88Ba7%2FQF33vAGygM8Kt43kzL0C9zHiL6PMsiqFj%2FmJzmyhJcgc6kbXqHtGsxnI%2FxVyncfcXDcuqf8HUtX7WN0Bk9HviQAPyecaVpd4SXC6rNsoqXHyoXiuKBdEn857d8TUgBI8ZlsyQ3pljMX6Mnb9JB729CvwA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://btloader.com/tag?h=mediatradecraft-com&upapi=true
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
65ce721acd4e3237-FRA
cf-request-id
0a94e5a4bd000032374b87d000000001
Expires
Thu, 10 Jun 2021 01:22:30 GMT
jjlogo7.gif
cdn01.cdn.justjared.com/wp-content/themes/default/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/themes/default/images/jjlogo7.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
aee7edbcb570cae2ec689ea12a8195acddbdef7396e20f6389bba9f0608b39d3

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-b3f"
X-HW
1623284550.dop236.fr8.t,1623284550.cds201.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2879
kanye-west-irina-shayk.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/06/kanye-west-irina-shayk.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
1d00f1fcd4a407ed4d34e36f39364195e37ecf56b8cfcb39790d639c8043ba8b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 15:52:10 GMT
ETag
"1623253930"
X-HW
1623284550.dop203.fr8.t,1623284550.cds144.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=574436
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113663
meghan-harry-rules.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/06/meghan-harry-rules.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
a2b0958b48c3026a004c84275ce9e83b9a1b7523263adb54336781fad1b5163d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 15:29:40 GMT
ETag
"1623252580"
X-HW
1623284550.dop202.fr8.t,1623284550.cds005.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=573069
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
52568
billionaire-taxes.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/billionaire-taxes.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
73b4d780445fdef277c6bdbe589971b58d167b3e61027169707758b22542f0fe

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 14:17:46 GMT
ETag
"1623248266"
X-HW
1623284550.dop235.fr8.t,1623284550.cds140.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=568693
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
104872
kim-kardashian-on-sex-tape-on-kuwtk.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/kim-kardashian-on-sex-tape-on-kuwtk.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
fba4accd2025c8c3dd6c60596965cac90bc9bb290d43a5a88c70e8659d7b2bbd

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Sat, 05 Jun 2021 15:55:05 GMT
ETag
"1622908505"
X-HW
1623284550.dop236.fr8.t,1623284550.cds281.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=229091
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
70580
little-big-town-step-out-for-the-cmt-awards.jpg
cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/headlines/2021/06/little-big-town-step-out-for-the-cmt-awards.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
528e08fc0def5fa605cd721a0010d95c9d68da909fec05177095a749cd86a854

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:12:03 GMT
ETag
"1623283923"
X-HW
1623284550.dop235.fr8.t,1623284550.cds252.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604530
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
123052
little-big-town-step-out-for-the-cmt-awards-01.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/little-big-town-step-out-for-the-cmt-awards-01.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
857de8f799aa927187faded6d2f45bf0e400a6e58bf5ace81af263ce877ab362

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:12:01 GMT
ETag
"1623283921"
X-HW
1623284550.dop142.fr8.t,1623284550.cds281.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604530
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4884
little-big-town-step-out-for-the-cmt-awards-02.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/little-big-town-step-out-for-the-cmt-awards-02.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
1b6a1dfd7ef53f1f53eca58b568521540eba3a64849aec9754020bed71b8b44d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:12:01 GMT
ETag
"1623283921"
X-HW
1623284550.dop202.fr8.t,1623284550.cds127.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604530
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4024
little-big-town-step-out-for-the-cmt-awards-03.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/little-big-town-step-out-for-the-cmt-awards-03.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
8daf7c4ed794b0b378c601fe12d72033585f350d780fc76bae98e8f38e8b8f82

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:12:01 GMT
ETag
"1623283921"
X-HW
1623284550.dop235.fr8.t,1623284550.cds237.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604529
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4508
little-big-town-step-out-for-the-cmt-awards-04.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/little-big-town-step-out-for-the-cmt-awards-04.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
ccffb3d568c9b420f05e8a4d5bd33fa23bed2eba1dae2e67f400ea13e0feadc5

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:12:01 GMT
ETag
"1623283921"
X-HW
1623284550.dop224.fr8.t,1623284550.cds214.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604530
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4205
little-big-town-step-out-for-the-cmt-awards-05.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2021/06/lbt-cmt/thumbs/little-big-town-step-out-for-the-cmt-awards-05.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
bf7a1a088786e44d4f09bd052851d3f39f34cf3aef2a6c9353cac1500a77ee65

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:12:01 GMT
ETag
"1623283921"
X-HW
1623284550.dop235.fr8.t,1623284550.cds127.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604530
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4818
morebar.gif
cdn04.cdn.justjared.com/wp-content/themes/default/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/themes/default/images/morebar.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
c499ce33b2a130245a2e37676df8c9197b81c23c90015c00d36aa7d827e5dce2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-9d2"
X-HW
1623284550.dop223.fr8.t,1623284550.cds064.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2514
mickey-guyton-gladys-knight-cmt-awards-red-carpet.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/mickey-guyton-gladys-knight-cmt-awards-red-carpet.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
e1f3ed7e09b0a37d9b832f730bd1341009bb0ddb748f29829b7fb0674175fbc8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:05:02 GMT
ETag
"1623283502"
X-HW
1623284550.dop223.fr8.t,1623284550.cds165.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604038
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
45699
mickey-guyton-gladys-knight-cmt-awards-red-carpet-01.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/mickey-guyton-gladys-knight-cmt-awards-red-carpet-01.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
b50836ef88b58e78151f63895b7c478c270b9fd57bc86c41243a757678693440

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:05:01 GMT
ETag
"1623283501"
X-HW
1623284550.dop019.fr8.t,1623284550.cds286.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604040
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3817
mickey-guyton-gladys-knight-cmt-awards-red-carpet-02.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/mickey-guyton-gladys-knight-cmt-awards-red-carpet-02.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
3613cc14c86a302e6123102daddf621174e9442a82f5aebbff8cc63d768ff90e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:05:01 GMT
ETag
"1623283501"
X-HW
1623284550.dop235.fr8.t,1623284550.cds015.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604041
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3822
mickey-guyton-gladys-knight-cmt-awards-red-carpet-03.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/mickey-guyton-gladys-knight-cmt-awards-red-carpet-03.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
6b5600aee676958ae62273fbaf8b9738ab097c7caf144bdca2c3f1a22d066a18

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:05:01 GMT
ETag
"1623283501"
X-HW
1623284550.dop142.fr8.t,1623284550.cds228.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604040
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3780
mickey-guyton-gladys-knight-cmt-awards-red-carpet-04.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/mickey-guyton-gladys-knight-cmt-awards-red-carpet-04.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
bbf7d5f3c51524a743ef6e4208db936c8d47720d7658c98ae6a446a772bb2aaf

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:05:01 GMT
ETag
"1623283501"
X-HW
1623284550.dop236.fr8.t,1623284550.cds225.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604040
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3987
mickey-guyton-gladys-knight-cmt-awards-red-carpet-05.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/mickey-cmt/thumbs/mickey-guyton-gladys-knight-cmt-awards-red-carpet-05.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
94fc677e12759a4ff807d8b0939a719f0a978a41386348b63cbcd1ff8df9d4cd

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 10 Jun 2021 00:05:01 GMT
ETag
"1623283501"
X-HW
1623284550.dop154.fr8.t,1623284550.cds011.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604040
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4016
lady-a-brightens-up-red-carpet-at-cmt-awards.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/lady-a-brightens-up-red-carpet-at-cmt-awards.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
7469aebd27c020ddb4e40d58fc2d32536e1a1c23802039426328c4df8494ecc0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:50:48 GMT
ETag
"1623282648"
X-HW
1623284550.dop202.fr8.t,1623284550.cds130.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603396
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
125325
lady-a-brightens-up-red-carpet-at-cmt-awards-01.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/lady-a-brightens-up-red-carpet-at-cmt-awards-01.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
2629fc7347f82a42995da8e54b28567c1838b66f0663c92d058cf14114efe534

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:50:45 GMT
ETag
"1623282645"
X-HW
1623284550.dop223.fr8.t,1623284550.cds248.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603476
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5067
lady-a-brightens-up-red-carpet-at-cmt-awards-02.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/lady-a-brightens-up-red-carpet-at-cmt-awards-02.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
f01de67e61cc8fd53112b8636ffb1d84f5b293b8b866900fd818235ea56df2a3

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:50:45 GMT
ETag
"1623282645"
X-HW
1623284550.dop236.fr8.t,1623284550.cds108.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603476
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4885
lady-a-brightens-up-red-carpet-at-cmt-awards-03.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/lady-a-brightens-up-red-carpet-at-cmt-awards-03.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d05210ec7272a11872150a17e08935aa61052df4a11ed2525a474ddcc950ae27

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:50:45 GMT
ETag
"1623282645"
X-HW
1623284550.dop154.fr8.t,1623284550.cds127.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603476
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4951
lady-a-brightens-up-red-carpet-at-cmt-awards-04.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/lady-a-brightens-up-red-carpet-at-cmt-awards-04.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
21128c3efad2be6d3fd0f9d6353b151b6929b8485788bd26da6d35eba65eff85

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:50:45 GMT
ETag
"1623282645"
X-HW
1623284550.dop235.fr8.t,1623284550.cds145.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603476
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5026
lady-a-brightens-up-red-carpet-at-cmt-awards-05.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/lady-a-colors/thumbs/lady-a-brightens-up-red-carpet-at-cmt-awards-05.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
0cc73e3604e2a59111d602e6bbe0dbd21f1744b38fc78b7eaec321ebdb2907f7

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:50:46 GMT
ETag
"1623282646"
X-HW
1623284550.dop142.fr8.t,1623284550.cds053.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=603476
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4889
jojo-siwa-mod.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/jojo-siwa-mod.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
6da7ccdbf9d1666df4d2de4b79578c7b2bd7cf540b7d260710a240dde103db80

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Fri, 04 Jun 2021 07:43:21 GMT
ETag
"1622792601"
X-HW
1623284550.dop235.fr8.t,1623284550.cds246.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=112990
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
20985
tmz.gif
cdn02.cdn.justjared.com/wp-content/themes/default/images/featured/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/themes/default/images/featured/tmz.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
336235bd83543a7c33fc68f80b234b0e21b109ea9a3a056f5064be394a35386b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-a0b"
X-HW
1623284550.dop019.fr8.t,1623284550.cds213.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2571
thomas-rhett-arrives-solo-cmt-awards.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/thomas-rhett-arrives-solo-cmt-awards.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
02050300780e6994c47fe3f944bc51e3a5d787035030981af5ea662172336fd9

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:41:53 GMT
ETag
"1623282113"
X-HW
1623284550.dop201.fr8.t,1623284550.cds215.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602557
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
94344
thomas-rhett-arrives-solo-cmt-awards-01.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/thomas-rhett-arrives-solo-cmt-awards-01.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
7f33a1fdceb5d9775534fc94fd84f8d0b4ce045f389476680512df4d22bb0f12

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:41:50 GMT
ETag
"1623282110"
X-HW
1623284550.dop223.fr8.t,1623284550.cds218.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602557
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3616
thomas-rhett-arrives-solo-cmt-awards-02.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/thomas-rhett-arrives-solo-cmt-awards-02.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
e08b363ca703656b7a31c71270d58fe37b0e8edfe2b581adf59f3cfda4bd86bb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:41:50 GMT
ETag
"1623282110"
X-HW
1623284550.dop236.fr8.t,1623284550.cds018.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602557
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4016
thomas-rhett-arrives-solo-cmt-awards-03.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/thomas-rhett-arrives-solo-cmt-awards-03.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d210cd0f02c4eb3c200ff32c9d223c4422949783272d0f092eead584c8ea0993

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:41:50 GMT
ETag
"1623282110"
X-HW
1623284550.dop203.fr8.t,1623284550.cds004.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602557
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4093
thomas-rhett-arrives-solo-cmt-awards-04.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/thomas-rhett-arrives-solo-cmt-awards-04.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
c1e487e44b8b2f105c31c000e8f29cf427da6e1e638ffd5007f7719328055eeb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:41:50 GMT
ETag
"1623282110"
X-HW
1623284550.dop235.fr8.t,1623284550.cds108.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602557
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4235
thomas-rhett-arrives-solo-cmt-awards-05.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/rhett-solo/thumbs/thomas-rhett-arrives-solo-cmt-awards-05.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
323ea81b9ff5c91410966fb383641258dc6e254cb3357368f3993ff424d31f5d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:41:50 GMT
ETag
"1623282110"
X-HW
1623284550.dop142.fr8.t,1623284550.cds013.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602557
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4195
carly-pearce-lindsay-ell-tenille-arts-cmt-awards.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/carly-pearce-lindsay-ell-tenille-arts-cmt-awards.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
15c6f028fc7bed8a2002555ab88fb36301567df75157c2ef7af4453c3e80bff1

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:33:40 GMT
ETag
"1623281620"
X-HW
1623284550.dop235.fr8.t,1623284550.cds245.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602278
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
49369
carly-pearce-lindsay-ell-tenille-arts-cmt-awards-01.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/carly-pearce-lindsay-ell-tenille-arts-cmt-awards-01.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
fc0a6f4424f099c3b226a62a045f4ba5f1d80f08738ff58cc881371a7862ccd4

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:33:38 GMT
ETag
"1623281618"
X-HW
1623284550.dop019.fr8.t,1623284550.cds291.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602278
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4200
carly-pearce-lindsay-ell-tenille-arts-cmt-awards-02.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/carly-pearce-lindsay-ell-tenille-arts-cmt-awards-02.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
a0f20ea9cf6454114ad642cb1d979414a11e1d56c2664ab01ec1e5db30ef3ace

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:33:38 GMT
ETag
"1623281618"
X-HW
1623284550.dop202.fr8.t,1623284550.cds289.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602278
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4032
carly-pearce-lindsay-ell-tenille-arts-cmt-awards-03.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/carly-pearce-lindsay-ell-tenille-arts-cmt-awards-03.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
a49f4d8fadea490054eb1092442ed11701616ec3049199aea3504fd694e1a0e6

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:33:38 GMT
ETag
"1623281618"
X-HW
1623284550.dop223.fr8.t,1623284550.cds109.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602278
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4168
carly-pearce-lindsay-ell-tenille-arts-cmt-awards-04.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/carly-pearce-lindsay-ell-tenille-arts-cmt-awards-04.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
e2923098d7ce3a0e918ad52d744372d02b13498fd6ca6540fb881d0cfffcba10

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:33:38 GMT
ETag
"1623281618"
X-HW
1623284550.dop236.fr8.t,1623284550.cds281.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602278
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3808
carly-pearce-lindsay-ell-tenille-arts-cmt-awards-05.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/carly-cmt/thumbs/carly-pearce-lindsay-ell-tenille-arts-cmt-awards-05.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
5c53a8a2e98b1341eb6036cce0609193eee4a04e28c9b0c5e60291b41f8b7fc1

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:33:38 GMT
ETag
"1623281618"
X-HW
1623284550.dop203.fr8.t,1623284550.cds128.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=602278
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4360
posner-everest-links.jpg
cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/headlines/2021/06/posner-everest-links.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
9dd5a9d5052c8f4eb1125b94f04e48a1a89fe3f8b7a27a73b0d3962922bf049a

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 06:22:03 GMT
ETag
"1623219723"
X-HW
1623284550.dop235.fr8.t,1623284550.cds258.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=539999
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
36589
maya-erskine-anna-kronkle-pregnant-together.jpg
cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/headlines/2021/06/maya-erskine-anna-kronkle-pregnant-together.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
ce7a06aab85be0d13838baab4aba2530e041c774b93ced51a5a83227cb83c3c7

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 22:55:04 GMT
ETag
"1623279304"
X-HW
1623284550.dop142.fr8.t,1623284550.cds164.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82097
kane-brown-wife-katelyn-cmt-music-awards.jpg
cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/headlines/2021/06/kane-brown-wife-katelyn-cmt-music-awards.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
1677ee1b31b47635a448144c8a81b4c5d1835fadcaab9a6c3daf6c3134bc4278

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:15:09 GMT
ETag
"1623280509"
X-HW
1623284550.dop223.fr8.t,1623284550.cds129.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
112368
kane-brown-wife-katelyn-cmt-music-awards-01.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/kane-brown-wife-katelyn-cmt-music-awards-01.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
3cca9f17d14d725b3ea07b4e2561e53dea9e66c124e1032167ff8bfca2fd3b21

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:14:36 GMT
ETag
"1623280476"
X-HW
1623284550.dop019.fr8.t,1623284550.cds286.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4045
kane-brown-wife-katelyn-cmt-music-awards-02.jpg
cdn03.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/kane-brown-wife-katelyn-cmt-music-awards-02.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
11f6326c7a1032c3ac85291537cac3bad5d2d9c67f782dee97ce1028b8f789ab

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:14:36 GMT
ETag
"1623280476"
X-HW
1623284550.dop202.fr8.t,1623284550.cds233.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4117
kane-brown-wife-katelyn-cmt-music-awards-03.jpg
cdn04.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/kane-brown-wife-katelyn-cmt-music-awards-03.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
10e6a052296ced51fb4bfd0013fdd1591f8edc520fe90c96190f95315c23b33a

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:14:36 GMT
ETag
"1623280476"
X-HW
1623284550.dop223.fr8.t,1623284550.cds109.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4232
kane-brown-wife-katelyn-cmt-music-awards-04.jpg
cdn01.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/kane-brown-wife-katelyn-cmt-music-awards-04.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
b6025a4fcefa0b8608fb06afedce99f6c842fb1d67177e771eba9748c8e489fa

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:14:36 GMT
ETag
"1623280476"
X-HW
1623284550.dop236.fr8.t,1623284550.cds280.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3580
kane-brown-wife-katelyn-cmt-music-awards-05.jpg
cdn02.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/uploads/2021/06/brown-carpet/thumbs/kane-brown-wife-katelyn-cmt-music-awards-05.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
6ca9c6777086d4cf13e7f288aeae7749e4efcc48aedc9f1f726e8c3536a2854a

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 23:14:36 GMT
ETag
"1623280476"
X-HW
1623284550.dop203.fr8.t,1623284550.cds277.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=601111
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4501
jjjr_logo_featured.gif
cdn03.cdn.justjared.com/wp-content/uploads/sidebar/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/uploads/sidebar/jjjr_logo_featured.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
058edf53f777d5ee4e6e2003b6b095430e234c6cbf6984cf3ea6cde06d949353

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Thu, 18 Apr 2019 15:43:03 GMT
ETag
"1555602183"
X-HW
1623284550.dop201.fr8.t,1623284550.cds201.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=173683
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5311
sadie-sink-stars-in-fear-street-film-trilogy-trailer-watch-now.jpg
cdn01.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/06/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/06/sadie-sink-stars-in-fear-street-film-trilogy-trailer-watch-now.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
23e0bfaf8050b6d8c737ce4b83c04a828fa6c93df0128580701ff76837eac129

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 22:43:43 GMT
ETag
"1623278623"
X-HW
1623284550.dop234.fr8.t,1623284550.cds270.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
46949
miranda-cosgrove-recreates-iconic-meme-in-new-icarly-opening-theme-song.jpg
cdn02.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/06/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/06/miranda-cosgrove-recreates-iconic-meme-in-new-icarly-opening-theme-song.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
a2dc66b52f38698dd05b7a5a9a1b7a5c9c47a1c9d3dcd80a5381aa2ff6899d7e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 22:06:59 GMT
ETag
"1623276419"
X-HW
1623284550.dop234.fr8.t,1623284550.cds287.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68236
the-bold-type-adds-a-nod-to-melora-hardins-past-tv-work-into-tonights-episode.jpg
cdn03.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/06/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjaredjr.com/wp-content/uploads/headlines/2021/06/the-bold-type-adds-a-nod-to-melora-hardins-past-tv-work-into-tonights-episode.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
46ec1c0e1ab2b8dbad8d5e5a89623be23c5ed0143de6e770d457a877f7a683d5

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Wed, 09 Jun 2021 20:18:08 GMT
ETag
"1623269888"
X-HW
1623284550.dop235.fr8.t,1623284550.cds167.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
53608
tmz_footer.gif
cdn04.cdn.justjared.com/wp-content/themes/default/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn04.cdn.justjared.com/wp-content/themes/default/images/tmz_footer.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
a55b9272dbfcad8f1c9a7a747b437205c888c8a8b172e35b97880dd129ce4a73

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-a39"
X-HW
1623284550.dop223.fr8.t,1623284550.cds064.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2617
toofab_footer2.gif
cdn01.cdn.justjared.com/wp-content/themes/default/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn01.cdn.justjared.com/wp-content/themes/default/images/toofab_footer2.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
a3ca410e2b8bfa703696c31cf30e1ba7009e8f7e13795ed2f024c27af0c27ef8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:30 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-a24"
X-HW
1623284550.dop235.fr8.t,1623284550.cds222.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2596
jj-circle-logo-new.gif
cdn02.cdn.justjared.com/wp-content/themes/default/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn02.cdn.justjared.com/wp-content/themes/default/images/jj-circle-logo-new.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ce228fe909a2d596d995ef8c95991d201dcb87527814d7037b1d07355fa2c257

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-7ff"
X-HW
1623284551.dop019.fr8.t,1623284551.cds281.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2047
jr-circle-logo.gif
cdn03.cdn.justjared.com/wp-content/themes/default/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn03.cdn.justjared.com/wp-content/themes/default/images/jr-circle-logo.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
8eaa3be9055370c233d3df6b3bf088768915c503748caf2cff104298afee9934

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-5f6"
X-HW
1623284551.dop202.fr8.t,1623284551.cds290.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1526
93029X1547060.skimlinks.js
s.skimresources.com/js/ 		55 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/93029X1547060.skimlinks.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
708df3aeb30e06153a1d6d797aeae9c15043a2b5d812c5509cc82cbfd03b8972

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 12:07:22 GMT
server
AmazonS3
x-amz-request-id
1WDP0SNGFNX1NAPQ
etag
"713a060f855542cda7b08368aeda7239"
x-hw
1623284550.cds167.fr8.hn,1623284550.cds229.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20509
x-amz-id-2
4VSkxMf2bmb5fVZcitNKnMQ4nyAMllYdqTdqxy+hGMq6CPD6skCT5YR/QDhOsHJS9iTLyPOFYfk=
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=202a1aa7-62bd-4755-9907-551ecc5da5ad&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1247%2C%22requestUUID%22%3A%22202a1aa7-62bd-4755-9907-551ecc5da5ad%22%2C%22propertyHref%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22euconsent%22%3Anull%2C%22authId%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Protocol
H2
Server
52.222.174.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-106.cdg50.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
content-length
2
date
Thu, 10 Jun 2021 00:22:30 GMT
x-powered-by
Express
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache, no-store
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 44c2a31e0ccb10df901e3de0c99e9ad7.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
fl5DdKxuRK6kkD7SSsiHksVdXzPplGRP03ef5T0MnGcs7ANISvMifA==
beacon.js
b.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
52.222.174.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-42.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Thu, 10 Jun 2021 00:06:45 GMT
Via
1.1 7fbc1adfbf55c351343006ea853f668b.cloudfront.net (CloudFront)
Last-Modified
Fri, 26 Feb 2021 14:35:05 GMT
Server
AmazonS3
Age
948
ETag
"1827f116c73f319409b97f10b8a58ade"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
CDG50-P2
Accept-Ranges
bytes
Content-Length
1469
X-Amz-Cf-Id
y9ZHYJi0B9DOHlHHrEi4kgQhMzXe2OpsnPsuuJBgLK6CA_b--CZqig==
quant.js
edge.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Content-Encoding
gzip
Etag
"WhyxmPkT7L77qVDcrjxwGw=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Thu, 17 Jun 2021 00:22:31 GMT
native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ 		509 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=202a1aa7-62bd-4755-9907-551ecc5da5ad&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22accountId%22%3A1247%2C%22requestUUID%22%3A%22202a1aa7-62bd-4755-9907-551ecc5da5ad%22%2C%22propertyHref%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22euconsent%22%3Anull%2C%22authId%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D
Requested by
Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-106.cdg50.r.cloudfront.net
Software
/ Express
Resource Hash
0544aba21173bcaae55abd61a1b928c9b8406eea1d1f12beb29a84dbdc59def2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
content-encoding
gzip
x-amz-cf-pop
CDG50-P2
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
eGsgrJCYTLpDIM5n-c5JtgBxnVj5wfakfMmWvGLZCVqRdORBqW9mlg==
via
1.1 44c2a31e0ccb10df901e3de0c99e9ad7.cloudfront.net (CloudFront)
get_site_data
message.sp-prod.net/mms/ 		198 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message.sp-prod.net/mms/get_site_data?requestUUID=0130254f-42bf-400c-bc96-337d90d66d39&account_id=1247&href=http%3A%2F%2Fwww.justjared.com%2F
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.163.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-163-197.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
a73e34e986dddc00d9e0f27047c88d78aabf6b01387183571d499fcbc8c78d69

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
x-sp-mms-node
mms-asm.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
max-age=2592000
access-control-allow-credentials
true
services.js
js.gumgum.com/ 		98 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gumgum.com/services.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-69.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02c6619a43bc679d2d881e6660f49c1f21380e992d2d29513274993202ba150e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
._NUrt_ikha8blXY.5VNGQDb39YChoUg
content-encoding
gzip
etag
W/"a948d11d400b33614c018ca2670be4bc"
age
10810
x-cache
Hit from cloudfront
x-amz-meta-timing-allow-origin
*
x-amz-meta-access-control-allow-origin
*
last-modified
Mon, 07 Jun 2021 20:11:01 GMT
server
AmazonS3
date
Wed, 09 Jun 2021 21:22:23 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
okGK78_MhSmGdcUg74b-7Ids3prnji65qAb-RErscwHKqewjIW4Esg==
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6712)
Age
184
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: www.google.com
URL: http://www.google.com/jsapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 19:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 19:58:14 GMT
main.js
d188m5xxcpvuue.cloudfront.net/justjared/ 		223 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d188m5xxcpvuue.cloudfront.net/justjared/main.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjh.js
Protocol
HTTP/1.1
Server
2600:9000:218d:1e00:0:bed9:b980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3c0fef7c6558b2d0244228980559d778d8b69aab9f81ba102395c8dcc074cc

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fO4atbTPXoaJ1sL9PrzAQswYGRe4WzbV
Content-Encoding
gzip
ETag
W/"a8f44721514b64671796f4a0a57f4dd1"
Age
2325
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Last-Modified
Wed, 09 Jun 2021 18:43:42 GMT
Server
AmazonS3
Date
Wed, 09 Jun 2021 23:46:15 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 04a0003b41de711e6a8b7432e24f89a5.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
CDG50-P2
X-Amz-Cf-Id
pKM-DvyCZoD2TS7keRWSUP1iicob9Ua23TMOG8_QgtwFeQ48cxHRtw==
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1da6246173632c0bb2f56b9ee26fd9bc6781eb07a380565b9009f8a5fe7a487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ob/JQRSa8Jj+LQAJ28cUog==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
4Y0UyDvIEEtbtruN6NrusUo6AzGM2khXjU9sV6+EWu1eVHx5QU7X+HuB9adfySCq0gkriyGPFn0f6nUvurbEwg==
x-fb-trip-id
686109401
x-fb-content-md5
eeab1f1c6ee19594856547716cdcc76e
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 10 Jun 2021 00:22:31 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"db1409734ab3d6a3f468e6a2e3144b24"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 10 Jun 2021 00:35:16 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v3.2&appId=145071315902360
Non-Authoritative-Reason
HSTS
50p_black.png
www.justjared.com/wp-content/themes/default/images/ 		132 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.justjared.com/wp-content/themes/default/images/50p_black.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
c7cfcde04f4d67f9a622885d416a95614e789602cc0f9007a4ce38e836f1078f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.justjared.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-84"
X-HW
1623284550.dop232.fr8.t,1623284550.cds106.fr8.sc,1623284551.cds106.fr8.p
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
132
Expires
Thu, 17 Jun 2021 00:22:31 GMT
icon_morehere.gif
www.justjared.com/wp-content/themes/default/images/ 		504 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.justjared.com/wp-content/themes/default/images/icon_morehere.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
70772a7a36ab39e1f8cc319770a5eea261d23326e087c878d390eca09963d83b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.justjared.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-1f8"
X-HW
1623284550.dop209.fr8.t,1623284550.cds238.fr8.sc,1623284551.cds238.fr8.p
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
504
Expires
Thu, 17 Jun 2021 00:22:31 GMT
blackbar.gif
www.justjared.com/wp-content/themes/default/images/ 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.justjared.com/wp-content/themes/default/images/blackbar.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
Protocol
HTTP/1.1
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dc5a281743479dcc6f352b67e5219524b6153d1a73da652498a687e7aa16c81a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.justjared.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.justjared.com/wp-content/themes/default/style.css?v=06072021
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Last-Modified
Tue, 08 Jun 2021 16:29:02 GMT
Server
nginx
ETag
"60bf9ace-38d"
X-HW
1623284551.dop161.fr8.t,1623284551.cds013.fr8.sc,1623284551.cds013.fr8.p
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
909
Expires
Thu, 17 Jun 2021 00:22:31 GMT
tag.min.js
get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/
Redirect Chain
  • http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
  • https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-32.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af32a26ee374d22f4c0d2a8f9e3a1168a79c589e347793082964816c120081c5

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Kogyr_8Yc3_VGfprXcQxpDOtGcKtQJqE
content-encoding
gzip
last-modified
Sun, 30 May 2021 13:14:39 GMT
server
AmazonS3
age
37162
etag
W/"52d87b4e36e0ea3e1914fa6d1294744a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 377eda51088ff7e8ba4d09b212e54946.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 09 Jun 2021 14:03:11 GMT
x-amz-cf-pop
CDG50-P1
x-amz-cf-id
tcA91X2D5RwuD77clEvmvI0hzS0Vvwton1VrWk5970tEGr1Q52C-JA==

Redirect headers

Date
Thu, 10 Jun 2021 00:22:32 GMT
Via
1.1 5321ce1f67b98139d1f43997aea9b44a.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CDG50-P1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
Fov0x2W7dU-DrvmpUz6QcJIJWSveeUzP1LKV4vHdesr33ZpZZHIKmw==
21666_JustJared.js
ads.rubiconproject.com/prebid/ 		403 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.rubiconproject.com/prebid/21666_JustJared.js
Requested by
Host: tradecraft.s.llnwi.net
URL: http://tradecraft.s.llnwi.net/v1/pub/01/jjlib.js
Protocol
HTTP/1.1
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c48053cbfeab2800707c69fc0ebfb27739a4582a6dbcda6bd7e3f098bfe4d72

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Jun 2021 17:51:17 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=4011
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118143
Expires
Thu, 10 Jun 2021 01:29:23 GMT
pubads_impl_2021060301.js
securepubads.g.doubleclick.net/gpt/ 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 08:37:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112073
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:30 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01F7SMS3H7ETN84587F046JJD6&persistence=1&checksum=a340d0aaebca6013d9b090cc6be777caebaa49ca5279bba7191da2479dea205a
200 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/?xguid=01F7SMS3H7ETN84587F046JJD6&persistence=1&checksum=a340d0aaebca6013d9b090cc6be777caebaa49ca5279bba7191da2479dea205a
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
1528e29e532e044bd6cccb9c85dfcfb0254f82afb7781244d41a5941c4d6850d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
http://www.justjared.com
vary
Accept-Encoding
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Thu, 10 Jun 2021 00:22:31 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
http://www.justjared.com
strict-transport-security
max-age=31536000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://r.skimresources.com/api/?xguid=01F7SMS3H7ETN84587F046JJD6&persistence=1&checksum=a340d0aaebca6013d9b090cc6be777caebaa49ca5279bba7191da2479dea205a
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
193
robots.txt
t.skimresources.com/api/v2/ Frame BFEB 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.65127093553264
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=1&rn=5.735826303703095
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:32 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=2&rn=5.735826303703095
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:32 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
message_url
message.sp-prod.net/mms/v2/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message.sp-prod.net/mms/v2/message_url?requestUUID=0130254f-42bf-400c-bc96-337d90d66d39&account_id=1247&abp=false&href=http%3A%2F%2Fwww.justjared.com%2F&consentUUID=undefined&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fccpa-service.sp-prod.net%3A7443%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Afalse%2C%5C%22consentedToAll%5C%22%3Afalse%2C%5C%22rejectedAny%5C%22%3Afalse%7D%22%7D%5D&stage_campaign=false&cookie=%5B%5D&t[type]=CCPA
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.163.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-163-197.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:30 GMT
x-sp-mms-node
mms-asm.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
content-length
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-86316-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1310
date
Thu, 10 Jun 2021 00:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 10 Jun 2021 02:00:41 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 10:05:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
51403
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 07 Apr 2021 05:49:36 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
Via
1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
CDG50-P2
Content-Type
application/javascript
X-Amz-Cf-Id
NML7PJe573WTNpo3tlUdAMeAlG6w5x8U7ARYzhWOaGhb48fdjhBTgw==
display-dns
ccpa-service.sp-prod.net/ccpa/consent/7443/ 		0
0
display-dns
ccpa-service.sp-prod.net/ccpa/consent/7443/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ccpa-service.sp-prod.net/ccpa/consent/7443/display-dns?requestUUID=0130254f-42bf-400c-bc96-337d90d66d39
Protocol
H2
Server
34.238.106.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-106-121.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
text/html; charset=utf-8
content-length
4
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE
cache-control
no-cache
allow
POST
rules-p-2bXhGE9g7fCno.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
  • https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
3 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 19:51:16 GMT
via
1.1 7aef920ed20c713960127526fa3a88f5.cloudfront.net (CloudFront)
age
16276
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:48:44 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
x-amz-cf-id
1i82lHqb41AKssuxZeI9nL2iZeSnBWVlsRKhys8IctbsAHAHnRkqnQ==

Redirect headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Via
1.1 6b4e2529be13169ec5ee4214df435dab.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CDG50-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-2bXhGE9g7fCno.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
XDnsN2k4O_DCFGEtFy_sJGbGmhq3ZcOt92XrU2tGvsoQfddq5n80CQ==
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame C182 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Fwww.justjared.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
534866
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Jun 2021 00:22:31 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
sdk.js
connect.facebook.net/en_US/ 		220 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3b3c21da45a8aa6507d28815392f38aa&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7933f860e68cec1fb6bc2d7dc4206f21e221aa6c77f4847add0d9e119c88f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://www.justjared.com
Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FcOQFNhr1wErRuZmoEQ6uA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66152
x-fb-rlafr
0
x-fb-debug
Ykkhv25ePEAA7FWzpwuNAP/5dtK9942n6Nn6md85Q8zZ7t71iuYt5vtJESX+kXawdacowE53LvIixDQ6Olv19A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
30c2f275511e46199f172040f8ad4eac
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 10 Jun 2021 00:22:31 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"741364a6d084228abefaf74b29b4876f"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Jun 2022 21:43:37 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=78a541f2-9748-4ba5-9cda-85fd7a44b234&u=http%3A%2F%2Fwww.justjared.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 20:00:33 GMT
via
1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
server
Server
age
15718
x-cache
Hit from cloudfront
access-control-allow-origin
http://www.justjared.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
-Vrs3qbEkoFjVukpBixGy-Q5kmgLExpwTZ3loUXGmmIB7JCalfT_bg==
v2xvlFGSxXgH04nKGo3OP9MGpH4ZVEULG9eLw54klbAbVNIIJqQ8w1ZVy_0xydXGI
sulkycook.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sulkycook.com/v2xvlFGSxXgH04nKGo3OP9MGpH4ZVEULG9eLw54klbAbVNIIJqQ8w1ZVy_0xydXGI
Requested by
Host: d188m5xxcpvuue.cloudfront.net
URL: http://d188m5xxcpvuue.cloudfront.net/justjared/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d13e6ca9d1f7d26fa44110e49c9b207f5fc42f0f06203ea23584ff4c1d48bb51
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"3cfb6054d5dfbb21361a5a066ed3c0bd2b670b947efab20fae5f00615ca2786d"
vary
Accept-Encoding, Accept-Language
x-hostname
f8becdc5
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Thu, 10 Jun 2021 00:22:31 GMT
timing-allow-origin
*
prebid
sac.ayads.co/sublime/33772/ 		405 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sac.ayads.co/sublime/33772/prebid
Requested by
Host: d188m5xxcpvuue.cloudfront.net
URL: http://d188m5xxcpvuue.cloudfront.net/justjared/main.js
Protocol
HTTP/1.1
Server
2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd8b544304d19a5969ba072dcad5f833205de22050d22ef2af14229434df746

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Thu, 10 Jun 2021 00:22:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
1400
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
65ce721d2df4e003-FRA
cf-request-id
0a94e5a6340000e003d03cd000000001
Expires
Thu, 10 Jun 2021 01:22:31 GMT
95.ead3eb953ad0bf3e9e2d.js
d188m5xxcpvuue.cloudfront.net/justjared/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d188m5xxcpvuue.cloudfront.net/justjared/95.ead3eb953ad0bf3e9e2d.js
Requested by
Host: d188m5xxcpvuue.cloudfront.net
URL: http://d188m5xxcpvuue.cloudfront.net/justjared/main.js
Protocol
HTTP/1.1
Server
2600:9000:218d:1e00:0:bed9:b980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
047ee8cbb709a647294dc1d32a0ce0c78c44bcab5ca8ddcc7af4c0d2b2948834

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ls6XJajyR.iIKdVfZSw4WHx7KeCkDYhZ
Content-Encoding
gzip
ETag
W/"59bdc5355fca7f4541a7b89d93098af9"
Age
2322
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Last-Modified
Wed, 09 Jun 2021 18:43:41 GMT
Server
AmazonS3
Date
Wed, 09 Jun 2021 23:46:16 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 04a0003b41de711e6a8b7432e24f89a5.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
X-Amz-Cf-Pop
CDG50-P2
X-Amz-Cf-Id
20ZjcRjOQmcWPM7BWrsobj6TOHMDtcwUORw-xP4BBvAmlwXAWeESKA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2054784078&t=pageview&_s=1&dl=http%3A%2F%2Fwww.justjared.com%2F&ul=en-us&de=UTF-8&dt=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=974395598&gjid=1624064773&cid=2019856573.1623284551&tid=UA-86316-1&_gid=632642634.1623284551&_r=1&gtm=2ou621&z=1914053611
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
any
idx.liadm.com/idex/ie/ 		0
0
rid
match.adsrvr.org/track/ 		0
0
identity
api.rlcdn.com/api/ 		0
0
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-86316-1&cid=2019856573.1623284551&jid=974395598&gjid=1624064773&_gid=632642634.1623284551&_u=YEBAAUAAAAAAAC~&z=1598147338
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Jun 2021 00:22:31 GMT
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame C182 		256 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=83a9bb4171d701ee44433fea49ce9ae5efff8094
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Fwww.justjared.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:30 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 00:22:31 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
13ffb4e83d0148918150c72a7cc570fd4baa56a6412da78991bc73106e00dbb4
content-length
176
ga-audiences
www.google.com/ads/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-86316-1&cid=2019856573.1623284551&jid=974395598&_u=YEBAAUAAAAAAAC~&z=606699063
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-86316-1&cid=2019856573.1623284551&jid=974395598&_u=YEBAAUAAAAAAAC~&z=606699063
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2/ 		22 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/93029X1547060.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
http://www.justjared.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=pb&t=1623284550085.2&ver=20210608122629&device=d&puid=p2956832834677702726&suid=s4231460080701053155&z=33772&gc=0&gm=0&ga=0&gs=0&dlt=0&e=l&tse=1623284551276&et=1192&tfz=6&sqid=1&bw=1600&bh=1200
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:31 GMT
server
nginx
config.json
d188m5xxcpvuue.cloudfront.net/ 		17 B
385 B 		Fetch
General
Check archive.org
Download Go to
Full URL
http://d188m5xxcpvuue.cloudfront.net/config.json
Requested by
Host: d188m5xxcpvuue.cloudfront.net
URL: http://d188m5xxcpvuue.cloudfront.net/justjared/main.js
Protocol
HTTP/1.1
Server
2600:9000:218d:1e00:0:bed9:b980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4612a731e8965beeb0f6f9d55bbc6ba91b2fd3672296d4561a8d42b502285a6c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:31 GMT
Via
1.1 ed781950f045f8565b1dd350ab97767d.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CDG50-P2
X-Cache
LambdaGeneratedResponse from cloudfront
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
17
X-Amz-Cf-Id
fBGdCWaaZaL7HRzBXM3fHZVOmDN3FeSnnBbhif0zqSL1voTZc_hzIA==
Artory
ad.doubleclick.net/ddm/adj/Bthlq/ 		11 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ad.doubleclick.net/ddm/adj/Bthlq/Artory
Requested by
Host: sulkycook.com
URL: https://sulkycook.com/v2xvlFGSxXgH04nKGo3OP9MGpH4ZVEULG9eLw54klbAbVNIIJqQ8w1ZVy_0xydXGI
Protocol
HTTP/1.1
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
31
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 0E36 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: sulkycook.com
URL: https://sulkycook.com/v2xvlFGSxXgH04nKGo3OP9MGpH4ZVEULG9eLw54klbAbVNIIJqQ8w1ZVy_0xydXGI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Tue, 08 Jun 2021 18:04:12 GMT
expires
Wed, 08 Jun 2022 18:04:12 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
109099
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=31732370&c3=874156489745619&ns__t=1623284552080&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2F...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1623284552080&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1623284552080&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-113.cdg50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
via
1.1 819cd2dd67161d301a9388e0baebb3e5.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
KyWH0bivquhkISwaKaC3JnpqWKigwb4w28_osr8Kxvf35RRG2abnAQ==

Redirect headers

date
Thu, 10 Jun 2021 00:22:32 GMT
via
1.1 819cd2dd67161d301a9388e0baebb3e5.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=31732370&c3=874156489745619&ns__t=1623284552080&ns_c=UTF-8&cv=3.5&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c7=http%3A%2F%2Fwww.justjared.com%2F&c9=
content-length
244
x-amz-cf-id
VjEVjhfwpQgpsSL_5IWsLN8buu3wxHBXDJ8M4FFbVJEFGlQ10B86Yg==
bid
c.amazon-adsystem.com/e/dtb/ 		182 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=Noctodig35rQd&cb=0&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Desktop_ROS%2FJustJared_ROS_HighImpact%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Top_728x90%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Top_Right_300x250_InnerRail%22%7D%5D&cfgv=0&schain=1.0%2C1!mediatradecraft.com%2C111111%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
401889ab4827a00d020ca2b13fe3b57a88acb390f3425faa0a07fb46ef1ea24f

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CDG50-P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
170
via
1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
x-amz-cf-id
3jwgCX9M4VXu4-fNdDA8MyYXmCJJGlaCoPXRTA5KwpsyYGG1fHJbjw==
services
g2.gumgum.com/zones/jstjared/ 		644 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/zones/jstjared/services?dp=http%3A%2F%2Fwww.justjared.com%2F&pu=http%3A%2F%2Fwww.justjared.com%2F&ogu=http%3A%2F%2Fwww.justjared.com&rf=&r=3.82.11&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.82.11%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10035&bf=9817fedb5be462d49a60039995f085b2f602fcc6&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1623284552135&to=-120&vpii=false&vph=1200&vpw=1600&gdprApplies=0
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
33353c853630b0a620dcbd866e2bd49ebcb667b167aa11935934b89560e652d9

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
server
nginx
etag
W/"08b34f459da597371c826d6e13aac1ca3"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
/
onetag-geo.s-onetag.com/ 		0
0
beacon.min.js
signal-beacon.s-onetag.com/ 		0
0
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 3F7A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t
304 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b56c553700b064ca711e6818f4a7a82f390d5e85d8a697b485fcf305bfe70cba

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A_l68WkWykTAiqRVvH6O3QU|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Server
Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
237
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A_l68WkWykTAiqRVvH6O3QU; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 00:22:33 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 00:22:33 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A_l68WkWykTAiqRVvH6O3QU|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 00:22:33 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
bid
c.amazon-adsystem.com/e/dtb/ 		182 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=Noctodig35rQd&cb=1&ws=1600x1200&v=7.66.00&t=1200&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Bot_Right_300xFlex_InnerRail%22%7D%5D&cfgv=0&schain=1.0%2C1!mediatradecraft.com%2C111111%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
5e8227bbd60e1f18eb0df4a580d5d84aa082f6b14f7ac2bfc320943ef88b2c04

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CDG50-P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
170
via
1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
x-amz-cf-id
GrOHnC-liNUcBfAnMpE-uc9m-FRfZq59VNha4ZV4591vxvWF15ioKQ==
bid
c.amazon-adsystem.com/e/dtb/ 		182 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=Noctodig35rQd&cb=2&ws=1600x1200&v=7.66.00&t=1200&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_Mid_Right_300xFlex_InnerRail%22%7D%5D&cfgv=0&schain=1.0%2C1!mediatradecraft.com%2C111111%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
2dbfd358b1763284fdd6f3a91c939364255c32992e33b98434b6765137fb49cb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CDG50-P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
170
via
1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
x-amz-cf-id
m9VZTGEeFmBEbdgocp6HOCMegXSV634YpJZ-8U0412e-Is6DY9TbdQ==
bid
c.amazon-adsystem.com/e/dtb/ 		182 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=Noctodig35rQd&cb=3&ws=1600x1200&v=7.66.00&t=1200&slots=%5B%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21854935662%2FJustJared_Home%2FJustJared_Home_InContent1%22%7D%5D&cfgv=0&schain=1.0%2C1!mediatradecraft.com%2C111111%2C1%2C%2C%2C&pubid=78a541f2-9748-4ba5-9cda-85fd7a44b234&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
74864ac77c343c7a82d64faa1b962645ad5a11cfb177aad9f0fde10d897f4dd5

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CDG50-P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
169
via
1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
x-amz-cf-id
DX0occp5UO9MyJvJFBeOKcLQd0Zl7HYbh9gyzLEiQClel3wKBm61tA==
/
geoworker.ayads.co/ 		1 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoworker.ayads.co/
Requested by
Host: sac.ayads.co
URL: http://sac.ayads.co/sublime/33772/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
server
cloudflare
sublime-worker
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cf-ray
65ce7223edaabece-FRA
content-length
1
cf-request-id
0a94e5aa6f0000bece6a173000000001
cookie_sync
prebid-server.rubiconproject.com/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c59064803e1f033c94eb2900314d4d3b46755683a6bbb1a0276db67771d6a3b2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1644
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		198 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dcf42b32f3d47a09a6bcfc81f79aa31d8efa3a4e3e3311d433d56d77d7fe983f

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
185
expires
0
cygnus
htlb.casalemedia.com/ 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=427965&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2250b1fc3c1955ae%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediatradecraft.com%22%2C%22sid%22%3A%22111111%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226c6958c2dac66b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22786604097d4d31%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228729c0664d3d5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fa9afed7ba851a289c65ac652091f4e1d660a261a7c8b5ccf5f4e7f2a2b2916c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
http://www.justjared.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
44
x-ak-client-geo
12
expires
Thu, 10 Jun 2021 00:22:32 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.10:80
AN-X-Request-Uuid
d643c548-14c2-4c61-95da-1d1c2eb76a66
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475128&size_id=15&alt_size_ids=9%2C10&gdpr=0&rp_schain=1.0,1!mediatradecraft.com,111111,1,,,&eid_pubcid.org=2a5ac84a-415a-44b4-ad97-f5f43141a28f%5E1&rf=http%3A%2F%2Fwww.justjared.com%2F&tk_flint=dmpbjs_v4.33.0&x_source.tid=f39ff64d-80cf-4e3a-8c9b-b44f0740713e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.323542932619147
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2ab3185248b863348abaa3ecb6a683d09150e95d4c5e8d46fed8e36e6982c253

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.33.0&referrer=http%3A%2F%2Fwww.justjared.com%2F&tmax=1200&gdpr=false
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 10 Jun 2021 00:22:32 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		198 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
91e2be63904d1abd904d52a42609b9cd50d63151076585845dbb04bd76ea0357

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
184
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid
8801a7cd-2dda-4a30-a637-e7194132eaba
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 10 Jun 2021 00:22:32 GMT
auction
tlx.3lift.com/header/ 		19 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.33.0&referrer=http%3A%2F%2Fwww.justjared.com%2F&tmax=1200&gdpr=false
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475128&size_id=10&gdpr=0&rp_schain=1.0,1!mediatradecraft.com,111111,1,,,&eid_pubcid.org=2a5ac84a-415a-44b4-ad97-f5f43141a28f%5E1&rf=http%3A%2F%2Fwww.justjared.com%2F&tk_flint=dmpbjs_v4.33.0&x_source.tid=9fad5a3b-d26e-475b-a3a0-4479ce5e21df&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32543756065983254
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1e7f8330be17f5d9db88adffbbe094b8d50b77f4aad6673263e4965bbf65a947

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=427965&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2237e81dce7ba0fc7%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediatradecraft.com%22%2C%22sid%22%3A%22111111%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2239518809e3f1b62%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3fbd2d61930151f20acb5168106d7e0fd1f40f559efbde90f0cea1356ec9cb78

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
http://www.justjared.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 10 Jun 2021 00:22:32 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		198 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
609b9141f6e3340b6184957498cfa161ac0f3f08af205bcdcd326a76a5d0de0e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
180
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21666&site_id=293666&zone_id=1475126&size_id=15&gdpr=0&rp_schain=1.0,1!mediatradecraft.com,111111,1,,,&eid_pubcid.org=2a5ac84a-415a-44b4-ad97-f5f43141a28f%5E1&rf=http%3A%2F%2Fwww.justjared.com%2F&tk_flint=dmpbjs_v4.33.0&x_source.tid=5414d82e-88d8-4135-970d-c638c11ec0fa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4406094140126411
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3d0e685f99e9414dedf37e0a55f10faf2562d9f4a3f66d47c6ffef8b5b600432

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid
8dd5be48-f1fa-45ed-8e82-b8fcfb989d4c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		25 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=427965&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22510e4557f1e0c6e%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22mediatradecraft.com%22%2C%22sid%22%3A%22111111%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%221~%22%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2252cfa7ed9455f0f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22427965%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a5ce32dcf9131cc58ef562d6b91fb64929f0d25df7cf26e0e85b06b899df178e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
http://www.justjared.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 10 Jun 2021 00:22:32 GMT
bid-request
a.teads.tv/hb/ 		16 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.justjared.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 10 Jun 2021 00:22:32 GMT
c
prebid.a-mo.net/a/ 		0
0
auction
tlx.3lift.com/header/ 		19 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.33.0&referrer=http%3A%2F%2Fwww.justjared.com%2F&tmax=1200&gdpr=false
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
optchk.ayads.co/ 		16 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://optchk.ayads.co/?callback=sublimeOptchk
Requested by
Host: sac.ayads.co
URL: http://sac.ayads.co/sublime/33772/prebid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.8.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
16
Expires
Sun, 01 Jan 2014 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		160 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: sac.ayads.co
URL: http://sac.ayads.co/sublime/33772/prebid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
16bb6ec6db7947852c13d789c1c9959ef61443f1249092b76572b441b8574f19
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid
c5ba2d67-fbf0-4c1f-9f74-be401f9849c1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
160
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ac
www8.smartadserver.com/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=405700&pgid=1372387&fmtid=42281&visit=M&tmstp=1623284552347&tgt=json%3Bvskinz%3Dtrue%3Bgm%3D0%3Bscreen%3Dlarge%3Blarge_screen%3DTRUE%3Btag%3Dpb%3Bpage_home%3Dtrue%3Bpage_height%3Dlarge%3Bskinz%3Dtrue%3B%7Cskinz-d%3D465%3Bpage_height_num%3D11000%3Bpage_weight%3D105000%3Buser_bandwidth%3D9.8%3Bpage_loading_speed%3D90&out=json&gdpr=1
Requested by
Host: sac.ayads.co
URL: http://sac.ayads.co/sublime/33772/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:31 GMT
x-smrt-d
3%3b4%3b52
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=pb&t=1623284550085.2&ver=20210608122629&device=d&puid=p2956832834677702726&suid=s4231460080701053155&z=33772&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&e=p&gd&gdv&tse=1623284552352&et=2267&tfz=1082&sqid=2&bw=1600&bh=1200&ph=10992
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
server
nginx
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=pb&t=1623284550085.2&ver=20210608122629&device=d&puid=p2956832834677702726&suid=s4231460080701053155&z=33772&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=105869&e=sspc&sspname=sspv3-appnexus&isssp=1&sspplid=21413419&tse=1623284552352&et=2267&tfz=1082&sqid=3
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
server
nginx
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=pb&t=1623284550085.2&ver=20210608122629&device=d&puid=p2956832834677702726&suid=s4231460080701053155&z=33772&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=105870&e=sspc&sspname=sspv3-smartadserver&isssp=1&sspplid=405700%7C1372387%7C42281&tse=1623284552352&et=2267&tfz=1082&sqid=4
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
server
nginx
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=0&gdpr_consent=&account=21666&us_privacy=
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=21666&uid=KPQ5PKTL-V-4HSC&gdpr=0
86 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=21666&uid=KPQ5PKTL-V-4HSC&gdpr=0
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=21666&uid=KPQ5PKTL-V-4HSC&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=rp-pbserv
  • https://creativecdn.com/cm-notify?pi=rp-pbserv&tc=1
  • https://prebid-server.rubiconproject.com/setuid?bidder=rtbhouse&uid=laNMGwN03LWN1DvJ87Kd&pi=rp-pbserv&tc=1
86 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rtbhouse&uid=laNMGwN03LWN1DvJ87Kd&pi=rp-pbserv&tc=1
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=rtbhouse&uid=laNMGwN03LWN1DvJ87Kd&pi=rp-pbserv&tc=1
pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT, Thu, 10 Jun 2021 00:22:32 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
prbds2s
rtb.gumgum.com/usync/ Frame 62B7 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
579cb7ff98207f29f91bcfc5253508268a1b27b76a05e217c197e0ce5c5c010f

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_5af38b70-3836-4284-8717-31919a286191; Domain=.gumgum.com; Expires=Fri, 10-Jun-2022 00:22:32 GMT; Path=/; Secure; SameSite=None
etag
W/"08730e3037d44473aca14777985732bb1"
timing-allow-origin
*
content-encoding
gzip
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=pb&t=1623284550085.2&ver=20210608122629&device=d&puid=p2956832834677702726&suid=s4231460080701053155&z=33772&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=105869&e=sspko&sspname=sspv3-appnexus&isssp=1&sspplid=21413419&sspr=1&rt=2487&tse=1623284552573&et=2489&tfz=1303&sqid=5
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
server
nginx
/
antenna.ayads.co/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://antenna.ayads.co/?src=pb&t=1623284550085.2&ver=20210608122629&device=d&puid=p2956832834677702726&suid=s4231460080701053155&z=33772&gc=0&gm=1&ga=1&gs=2&dlt=0&gv=2&a=105870&e=sspko&sspname=sspv3-smartadserver&isssp=1&sspplid=405700%7C1372387%7C42281&sspr=1&rt=2487&tse=1623284552573&et=2489&tfz=1303&sqid=6
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.200.182.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-182-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
server
nginx
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7761284304466057866
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7761284304466057866
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:32 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.254:80
AN-X-Request-Uuid
e344c50c-1b77-43bb-a98d-454bbc328857
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7761284304466057866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=0b002104-6c20-4d93-a3fa-bf91feb3dacd&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=28089516-6d3a-4447-b279-e92369718e38
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=28089516-6d3a-4447-b279-e92369718e38
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=28089516-6d3a-4447-b279-e92369718e38
date
Thu, 10 Jun 2021 00:22:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
sync.outbrain.com/ Frame 62B7
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28tt8WV8RwTQ2LP4UAW-b9CNu2vzWeTXmTdzqcGo_M1Aq7oc5ViHhU2b-FCD_6sew2%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5af38b70-3836-4284-8717-31919a286191&obuid=ENC(tt8WV8RwTQ2LP4UAW-b9CNu2vzWeTXmTdzqcGo_M1Aq7oc5ViHhU2b-FCD_6sew2)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=d2513907-50a7-4b1a-a831-996b2a9a1e2d
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=d2513907-50a7-4b1a-a831-996b2a9a1e2d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Cache-Control
no-cache
X-TraceId
d88910ea4f37d149430a7e98ade03498
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=d2513907-50a7-4b1a-a831-996b2a9a1e2d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=529d47fe-bd6d-45db-887d-93fc7601f5b4
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=529d47fe-bd6d-45db-887d-93fc7601f5b4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=529d47fe-bd6d-45db-887d-93fc7601f5b4
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-ada90c0d-ed01-46ed-43f4-368459c57f78$ip$185.156.175.107
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-ada90c0d-ed01-46ed-43f4-368459c57f78$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:48 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-ada90c0d-ed01-46ed-43f4-368459c57f78$ip$185.156.175.107
Date
Thu, 10 Jun 2021 00:22:48 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-4JiinnhE2pfiXALTIPn7HsKZ.M66Xzba6vvw~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-4JiinnhE2pfiXALTIPn7HsKZ.M66Xzba6vvw~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 10 Jun 2021 00:22:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-4JiinnhE2pfiXALTIPn7HsKZ.M66Xzba6vvw~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=fc2d18db-c981-11eb-8083-5d9004511ec3
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=fc2d18db-c981-11eb-8083-5d9004511ec3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:48 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=fc2d18db-c981-11eb-8083-5d9004511ec3
Date
Thu, 10 Jun 2021 00:22:48 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
fc2d18dc-c981-11eb-8083-5d9004511ec3
services
sync.technoratimedia.com/ Frame 62B7 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
802433048
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 62B7 		0
0
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
date
Thu, 10 Jun 2021 00:22:33 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8639096965
  • https://sync.1rx.io/usersync/tradedesk/d2513907-50a7-4b1a-a831-996b2a9a1e2d
  • https://sync.targeting.unrulymedia.com/csync/RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:33 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003
date
Thu, 10 Jun 2021 00:22:33 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4b6b31cb0c5c402cbe9653a916fee2fa003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 62B7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=7UuxSOkeBCcM&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=7UuxSOkeBCcM&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:33 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=7UuxSOkeBCcM&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-xrp6v
expires
-1
setuid
prebid-server.rubiconproject.com/ Frame 62B7 		0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=0&gdpr_consent=&us_privacy=&f=b&uid=e_5af38b70-3836-4284-8717-31919a286191
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html
content-length
0
expires
0
usersync
rtb.gumgum.com/ Frame E9E9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_5af38b70-3836-4284-8717-31919a286191
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 10 Jun 2021 00:22:25 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3759 5f8f15b master zrh-pixel-x25
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=b72660c1-5b48-4d00-bd58-4280b2d3c0b0; domain=.mathtag.com; path=/; expires=Fri, 08-Jul-2022 00:22:32 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Expires
Thu, 10 Jun 2021 00:22:24 GMT
usersync
rtb.gumgum.com/ Frame E2C3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4
  • https://rtb.gumgum.com/usersync?b=atm&i=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_5af38b70-3836-4284-8717-31919a286191
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=&_test=YMFbSAABq73bxAA4
accept-ranges
bytes
date
Thu, 10 Jun 2021 00:22:32 GMT
via
1.1 varnish
x-served-by
cache-hhn4052-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1623284553.816219,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame D3BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=&google_tc=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Thu, 10 Jun 2021 00:22:32 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=&google_tc=
date
Thu, 10 Jun 2021 00:22:32 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
364
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 10-Jun-2021 00:37:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0AC0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=40868
expires
Thu, 10 Jun 2021 11:43:44 GMT
date
Thu, 10 Jun 2021 00:22:36 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 5B00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
200000000000000002020008
server
33XP001
date
Thu, 10 Jun 2021 00:22:36 GMT
usersync
rtb.gumgum.com/ Frame 7953
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=d2513907-50a7-4b1a-a831-996b2a9a1e2d&t=1625876552
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=d2513907-50a7-4b1a-a831-996b2a9a1e2d&t=1625876552
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=d2513907-50a7-4b1a-a831-996b2a9a1e2d&t=1625876552
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_5af38b70-3836-4284-8717-31919a286191
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=d2513907-50a7-4b1a-a831-996b2a9a1e2d&t=1625876552
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=d2513907-50a7-4b1a-a831-996b2a9a1e2d; domain=.adsrvr.org; expires=Fri, 10-Jun-2022 00:22:32 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjkmL6ikuzVORAFOAE.; domain=.adsrvr.org; expires=Fri, 10-Jun-2022 00:22:32 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 478F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Thu, 10 Jun 2021 00:22:33 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame B8B9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls5xYAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls5xYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YMFbUMCo5sEAAAls5xYAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Thu, 10 Jun 2021 00:22:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls5xYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YMFbUMCo5sEAAAls5xYAAAAA; path=/; expires=Sat, 10-Jun-23 00:22:40 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
1
X-SO-HostName
a-ad40333.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":17,"gdpr":false,"ipv4":"185.156.175.107","key":"YMFbUMCo5sEAAAls5xYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40333"}
X-SO-Key
YMFbUMCo5sEAAAls5xYAAAAA
X-SO-IP
185.156.175.107
X-SO-Cluster-ID
17
X-SO-Upstream-ID
a-ad40333
cm
p.rfihub.com/ Frame 5BA4 		0
0
usersync
rtb.gumgum.com/ Frame E2B1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=laNMGwN03LWN1DvJ87Kd&pi=gumgum
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=laNMGwN03LWN1DvJ87Kd&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=laNMGwN03LWN1DvJ87Kd&pi=gumgum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_5af38b70-3836-4284-8717-31919a286191
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 10 Jun 2021 00:22:32 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 10 Jun 2021 00:22:32 GMT Thu, 10 Jun 2021 00:22:32 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=laNMGwN03LWN1DvJ87Kd&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
integrator.js
adservice.google.ch/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=170702717969275&correlator=213450644188311&output=ldjh&impl=fifs&vrg=2021060301&ptt=17&gdpr=0&addtl_consent=1~&sc=0&sfv=1-0-38&ecs=20210610&iu_parts=21854935662%2CJustJared_Desktop_ROS%2CJustJared_ROS_HighImpact%2CJustJared_Home%2CJustJared_Home_Top_728x90%2CJustJared_Home_Top_Right_300x250_InnerRail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F4%2C%2F0%2F3%2F5&prev_iu_szs=1x1%2C728x90%2C300x250&prev_scp=divID%3DhighImp%26amznbid%3D2%26amznp%3D2%7CdivID%3Dhome_Top_728x90%26amznbid%3D2%26amznp%3D2%7CdivID%3Dhome_Top_Right_300x250_InnerRail%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=skin_width%3Dyes%26width%3D1600&cookie_enabled=1&bc=23&abxe=1&lmt=1623284318&dt=1623284552739&dlt=1623284550544&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=800%2C436%2C980&adys=0%2C351%2C503&adks=3666153669%2C1749475389%2C3019536337&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x10991%7C1000x164%7C300x298&msz=1600x1%7C1000x90%7C300x250&ga_vid=2019856573.1623284551&ga_sid=1623284553&ga_hid=2054784078&ga_fc=false&fws=0%2C0%2C4&ohw=0%2C0%2C300&btvi=0%7C0%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c2aee95bc086399f34d2f60ae04f5efd2a638ad35ac0fd4ce279e553fa0696f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6357
x-xss-protection
0
google-lineitem-id
5693190956,5348258567,5343754737
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349959871,138308656157,138308702260
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 3984 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhoXRMhBBu-K-Qr-JZdo_RsXrtV-pwgBtOB_quf6HrCmn99hbkOJMa7uuGmDFpafdxh1wxX-pr-TMPl9ex7YwrsCbxQ0QkbA8dnbPBY3gkvON6dpoEbafnjOJmnji6osL9K-1NACILgZpP7Cum-tgp5Co0J59UDO587YwFKfjabTUKnp7nxjGy1hQluXLvq6EH2UVSXl0IEUGv4iXsyiC9tGpPpIJ-6Pk4LHvX16O816R1INOtuEif3VfXd-NTjhAuOX9M5KPIcc-qRQMjiJu1iruNVyiz9WAF-WO1K1B5YQG2f4_3gjNSBfT9DyHfDJAZocE6kQ-we2cgwWH1n5NlhWzHhyChjji4uXo&sig=Cg0ArKJSzOLTa5PxsV2wEAE&urlfix=1&adurl=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
JustJared_Floating.js
d2na2p72vtqyok.cloudfront.net/aniview-script/ Frame 3984 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/aniview-script/JustJared_Floating.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.186.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-186-116.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4dd992ebbb512edbbebaac41f045897500920d34679c12eb15e9949cfde0de44

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8dlgS_eeIlcp6v31uv34gv6PRdrig_Cb
Via
1.1 51076e0d05d56160dd8ee5148f1f74d8.cloudfront.net (CloudFront)
Last-Modified
Mon, 14 Dec 2020 16:10:30 GMT
Server
AmazonS3
Age
17257
ETag
"f5be06aa5f520eb22cea4be86004cd91"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Date
Wed, 09 Jun 2021 19:34:57 GMT
X-Amz-Cf-Pop
CDG50-P1
Accept-Ranges
bytes
Content-Length
8927
X-Amz-Cf-Id
26aqUUO3EztBCwJO53cqwYdPlaHDuASEQp58bKVk72NX3wEVW6R52A==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3984 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 927E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6nhwD3_BvzQxiQdhxjDmhhinNM8sv10lEXWtUWAJiQyH42P8IfqQzq8gQRxNAO4RDAfwQgJRqje2s78k-SjqjZalj1bjezrHQ8-BcMwR-BjBZ1TxG5gpwSoLW3hCtYizk21gWVFmI0PYYTJe7R8qYldSds5TLWRert77vsNcR5RTlpadSn5CuIgvsyG7dXVo_QStAjkdzbij3L69ZB7tDn6pCqbSrFwkyaws15RKOjp4tteOg9TD6swtPpkWFuYAJavZi1u-F-sAIwmJYIN6NTiHWb-8PfSuxnIehAERYQypR_B5-HQ0vWSqm-zgmI4mw7bQJyTmf2llOiWfltN_JsH6grZp4kFYojcy1qcMWkBWbSXJNAF0041gBDe4PRze-&sig=Cg0ArKJSzPg1GPDnieNMEAE&urlfix=1&adurl=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/JustJared1/ROS/ Frame 927E 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.expo9.exponential.com/tags/JustJared1/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
HTTP/1.1
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9054a0f7da37d8f7e12911a80a14f72463939cd06b4f566c56eeabfa7396e7cb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
14103
cf-request-id
0a94e5ae6c0000176e7700a000000001
X-Function
151
Last-Modified
Tue, 01 Jun 2021 04:13:17 GMT
Server
cloudflare
X-Reuse-Index
14
ETag
9057393045813653418
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, private
CF-RAY
65ce722a4c4a176e-FRA
Expires
Thu, 10 Jun 2021 01:22:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 927E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 758E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ8stC-bJ1278OnbAB_KYJpKJrqvisNhhE8tqO2eTk3SWkmAwzLszewzqPfh5_B5-alU3yL-fbFdHTRTXFEy5-QVj5uX0vAEsAsO2XV4882B6SYy6baCfhu75eSUThrb8lkkHAoBtgJa_P8KJNiI6y69rLWBV1qagrJ8atSNi83IcVJk9tDmwTLQmE47oz8O4-AWUWeROVcKTKmbMCqAd8fsX37VzJk9jAr2uGWIniLI5Ee127XviEDfxt3CuVpT_uZn4yLAH8zGH1T_vOyTGQDCSvrGzWlnCwW8GDghQbcf1NwdmxE81a40aZr_gJ3l72JLFucghp5lh96-u9029O0E4wkFfmHI1nl4k3uWFqHFN0YRb5x59bmJbxenxBDvxO03XybnRhqdfGOYNd_Wkcjfs&sig=Cg0ArKJSzBj9kmuSGuKKEAE&urlfix=1&adurl=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/JustJared1/Article/ Frame 758E 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.expo9.exponential.com/tags/JustJared1/Article/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
HTTP/1.1
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03222b73e6aaa024f8d68e53f54ce11b4c282e39f826b6fc47b757a8dd6e8931

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
14108
cf-request-id
0a94e5ae6d00004a9d2f304000000001
X-Function
151
Last-Modified
Tue, 01 Jun 2021 04:13:17 GMT
Server
cloudflare
X-Reuse-Index
1
ETag
3128424992160507264
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, private
CF-RAY
65ce722a4f454a9d-FRA
Expires
Thu, 10 Jun 2021 01:22:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 758E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:33 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066164336645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28149
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:33 GMT
5348258567
dfp-gateway.s-onetag.com/1/21854935662/ 		116 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/21854935662/5348258567
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-116.cdg50.r.cloudfront.net
Software
/
Resource Hash
ced8ffd5f64a8d4ada571057bd26b22fe590ae694f624b167e56d5294da8dc6d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 14:55:59 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront), 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
age
33995
x-amzn-requestid
5e856244-1e81-48aa-bc94-496c2707b4b2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-60c0d67f-42d247f96045e88271ff2111;Sampled=0
x-amz-cf-pop
FRA50-C1, CDG50-P2
x-amz-apigw-id
AqZz5E2viYcF64Q=
content-length
116
x-amz-cf-id
2-VPDB_TmW9AIzS-WoeKR5eXRxzQWXPl6WGQ3wh0eeMtuuMYq1ut1w==
5343754737
dfp-gateway.s-onetag.com/1/21854935662/ 		116 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/21854935662/5343754737
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-116.cdg50.r.cloudfront.net
Software
/
Resource Hash
ced8ffd5f64a8d4ada571057bd26b22fe590ae694f624b167e56d5294da8dc6d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 05:22:40 GMT
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront), 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
age
68394
x-amzn-requestid
86bab815-4082-4350-b811-5f44d78ebdff
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-60c05020-08c127fb655f31b501db1b49;Sampled=0
x-amz-cf-pop
FRA56-C2, CDG50-P2
x-amz-apigw-id
ApF1DEZHCYcFf9w=
content-length
116
x-amz-cf-id
7JZTXBHxrFjtWMYMHxLAx7tMrrDLnOHbzUd65iHu_JeUTVVNqsZWKQ==
truncated
/ Frame 3984 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52ce5a7da55fcf76761b5e98ea2306407267971828dbf86c4fa39562b9fdc194

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
aniview.js
player.aniview.com/script/6.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/aniview-script/JustJared_Floating.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5eb763740d8b0da04a2b24ae137d482593148ba1aa6110291309e57597d9e14d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uy1Jt_orKb4mSPuxR7kzsN3PSypgsjeNruQ_tTWSr9ALAxd3S1f6tXpC3YyuM38Nzswraj_7Hue1SpqltmnWuI48h7F9A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9068
last-modified
Wed, 09 Jun 2021 09:43:17 GMT
server
UploadServer
etag
"33df0638c48fa7a3e422cbc5f2ef14a6"
vary
Accept-Encoding
x-goog-hash
crc32c=Y7b4Kg==, md5=M98GOMSPp6PkIsvF8u8Upg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1623231797360146
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9068
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 10 Jun 2021 00:27:33 GMT
track
track1.aniview.com/ Frame 3984 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d8ccec528a0617cae5a0755&cid=5e85c631d4f76c52fe4651f9&e=playerLoaded&cb=1623284553417
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.237.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-237-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 7898 		338 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
afb24970f48d7aae6cc543dfed6a1a3df272e2dea2d013eea31110d83db82a19

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzwup-dEXM4RLp0PRDTC4QItcRStLlLIfjSNTc8AJw9HxIEEfacPIBn0GpnHnPPzaI6C03yk5utYNuU6Gc-KVQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
97882
last-modified
Wed, 09 Jun 2021 09:42:50 GMT
server
UploadServer
etag
"aec4c9ea027060fcb58f41c810c0c693"
vary
Accept-Encoding
x-goog-hash
crc32c=prPvIw==, md5=rsTJ6gJwYPy1j0HIEMDGkw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1623231770120475
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
97882
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 10 Jun 2021 00:27:33 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.justjared.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&apppkg=&fv=3&proto=http&pid=5d8ccec528a0617cae5a0755&cid=5e85c631d4f76c52fe4651f9&e=inventory&vi=100&cb=1623284553496
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.237.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-237-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
1260
check.analytics.rlcdn.com/check/ 		25 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1260
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-75.cdg50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
via
1.1 a5d054ec657be0f6c3a94aea7a055e24.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amzn-requestid
e0fbe0b0-8017-4dfc-94ef-ca92d6aeec7b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60c15b49-7e6e0cdd0691d70e4318de94;Sampled=0
x-amz-apigw-id
ArszhEijoAMF2Tw=
content-length
25
x-amz-cf-id
epFFCpMJh-bXhcEYauKZZ7mW_IAX05blj2lNOfkqDGxRwStzGkRmtQ==
g_pbto
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1623284553504&eid=62131d77b9aa5
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.196.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
/
go1.aniview.com/api/adserver/tag/ 		0
0
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
lil+logo+blue.png
d2na2p72vtqyok.cloudfront.net/files/video/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2na2p72vtqyok.cloudfront.net/files/video/lil+logo+blue.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.186.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-186-116.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
181653a0bef6a09a09ddab1d7582cf0d8da54b1f13fc7061cd65ae9b335291c6

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oqf.gn.sy_fEoBsOAhEmn65wP9bvmANe
Via
1.1 3f1a5dbb6451309426050e13abf469c6.cloudfront.net (CloudFront)
Last-Modified
Wed, 13 Nov 2019 19:28:50 GMT
Server
AmazonS3
Age
17283
ETag
"ba6f19d91cc6c63028c2783c93ee36bb"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Wed, 09 Jun 2021 19:34:32 GMT
X-Amz-Cf-Pop
CDG50-P1
Accept-Ranges
bytes
Content-Length
3641
X-Amz-Cf-Id
QFcjqDVMXba198X2dBw0C8EVemVkSWMQ2KlEDj-6vkGbwlU57AtMzQ==
video_justjared.com_1.mp4
d2na2p72vtqyok.cloudfront.net/Aniview-Content/ 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/Aniview-Content/video_justjared.com_1.mp4
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.186.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-186-116.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://www.justjared.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 09 Jun 2021 21:53:09 GMT
Via
1.1 3f1a5dbb6451309426050e13abf469c6.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Jun 2021 14:38:39 GMT
Server
AmazonS3
Age
8966
ETag
"c5768270e2a20228a3be9d148888210b"
X-Cache
Hit from cloudfront
x-amz-version-id
Tt5ye13Qc_YbHCXxc_31b66.XcHgUN3W
Content-Range
bytes 0-5335238/5335239
Connection
keep-alive
X-Amz-Cf-Pop
CDG50-P1
Accept-Ranges
bytes
Content-Type
video/mp4
Content-Length
5335239
X-Amz-Cf-Id
e1gfpDz229zdxDvIlIGLAi7D1S4kaOwCsRqNVl1kDgw3ermykOK7iw==
displayAd.js
a.tribalfusion.com/ Frame 927E 		677 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/displayAd.js?dver=0.9&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/ROS/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e1730f6e3c5de3802debd93767fdba6642db300c757fea46e667dd8915a1f54

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
330
cf-request-id
0a94e5af3c0000d6b50aa8d000000001
X-Function
153
Last-Modified
Tue, 01 Jun 2021 04:13:16 GMT
Server
cloudflare
X-Reuse-Index
19
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
CF-RAY
65ce722b9d77d6b5-FRA
Expires
Wed, 08 Sep 2021 00:22:33 GMT
1260
check.analytics.rlcdn.com/check/ 		25 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1260
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-75.cdg50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
via
1.1 a5d054ec657be0f6c3a94aea7a055e24.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amzn-requestid
d8440d92-f5e0-4f0c-b3ca-8d499abb1fcb
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60c15b49-38d3eb4f260757563240c120;Sampled=0
x-amz-apigw-id
ArszjGLeIAMF9fg=
content-length
25
x-amz-cf-id
nlHY5yp3ZGx_uV63BgvLsPGIAdWijv9V4e-C2ScPCmtuESc_d1b0xw==
g_pbto
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1623284553525&eid=63cf2b84ee9f622
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.196.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
1260
check.analytics.rlcdn.com/check/ 		25 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1260
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-75.cdg50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
via
1.1 a5d054ec657be0f6c3a94aea7a055e24.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amzn-requestid
86efc502-7679-4a62-af42-f2734936da47
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-60c15b49-29c0b1bf198699b919837a7e;Sampled=0
x-amz-apigw-id
ArszjEJpoAMFbKg=
content-length
25
x-amz-cf-id
iXKINb-_nYSEPgRwU27l7LFUxmLOG9Tk4WPinbvvZMTJzLonxFLVlQ==
g_pbto
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1623284553535&eid=64027053f3d258f
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.196.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame C277 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
720f13b16a005bbfddea132ce695e546167d8ab16a88ff5b9ca661ef81740d75

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A_l68WkWykTAiqRVvH6O3QU; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
664
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C277
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5afd5761cde011039857
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5afd5761cde011039857
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 10 Jun 2021 00:22:33 GMT
via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f01.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CDG50-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=5afd5761cde011039857
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
J8_CiW7V6TB-u5rgeqoIg9RgKJC9zWYAC8gqU1Nzc5u1gXjtbueHNg==
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C277
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=7761284304466057866&redirect=https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&id=$EMXUID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=7761284304466057866brt44261623284553958665f1
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=7761284304466057866brt44261623284553958665f1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=brealtime.com&uid=7761284304466057866brt44261623284553958665f1
date
Thu, 10 Jun 2021 00:22:36 GMT
content-length
0
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame A4F7 		2 KB
1018 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6efde964cef044ecb200bd00d433e200456253510af7f4c5f52cc6515e4b7719

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_5af38b70-3836-4284-8717-31919a286191
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"03c71751c0a92fd43108eb0deaba49478"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 20A2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0227dda975a19f769cc8725f63e4c4762774afe3c364cfad1c8c05541ed54b1d

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|45|221|81|88|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1831
Expires
Thu, 10 Jun 2021 00:22:33 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Connection
keep-alive
Set-Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:33 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:33 GMT CMPRO=1117;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:33 GMT CMRUM3=e660c15b492760&bf60c15b4905a0&dd60c15b492760&2760c15b490b40&2d60c15b4905a0&f160c15b4905a0&5160c15b4905a0&5860c15b4905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:33 GMT CMST=YMFbSWDBW0kA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 00:22:33 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D7D9 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=40868
expires
Thu, 10 Jun 2021 11:43:44 GMT
date
Thu, 10 Jun 2021 00:22:36 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D283 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tlCBRUZWfOQpzq4eRUmvkSc3ya9WQi+HKKRWt2jyoYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexgivGKrYKdBNKOTT8+Kbwv/ANSf; ses15=; vis15=293666^1; ses10=; vis10=293666^1; khaos=KPQ5PKTL-V-4HSC; audit=1|naVuGyos1qojheJiu7KYlXp4/TMPY9XwzMb5byHS7FZAhKqwsAMp692KjpcTyb52dalcOrJi9dpo2B05UvZjL2UmrsSRQiLTsqlSNZOaaDQ=; uids=eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnRiaG91c2UiOnsidWlkIjoibGFOTUd3TjAzTFdOMUR2Sjg3S2QiLCJleHBpcmVzIjoiMjAyMS0wNi0yNFQwMDoyMjozMi41NTZaIn0sInJ1Ymljb24iOnsidWlkIjoiS1BRNVBLVEwtVi00SFNDIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjRUMDA6MjI6MzIuNDE1WiJ9LCJndW1ndW0iOnsidWlkIjoiZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTEiLCJleHBpcmVzIjoiMjAyMS0wNi0yNFQwMDoyMjozMi43MTRaIn19LCJiZGF5IjoiMjAyMS0wNi0xMFQwMDoyMjozMi40MTVaIn0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Jun 2021 00:22:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6F7A
Redirect Chain
  • https://cs.admanmedia.com/sync/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dacuity.com%26id%3D%24UID&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451&gdpr=0
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Thu, 10 Jun 2021 00:22:49 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx
Date
Thu, 10 Jun 2021 00:22:49 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
admtr=0c71ed9c9c68ee4f9bd9c101ca551552239b6451; path=/; domain=.admanmedia.com; expires=Fri, 10 Jun 2022 00:22:49 GMT; max-age=31536000 ;SameSite=None; Secure
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=acuity.com&id=0c71ed9c9c68ee4f9bd9c101ca551552239b6451&gdpr=0
current
amazon-tam-match.dotomi.com/match/bounce/ Frame A806 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:33 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F439
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2390624913052329021
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2390624913052329021
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A_l68WkWykTAiqRVvH6O3QU; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=2390624913052329021; Domain=.turn.com; Expires=Tue, 07-Dec-2021 00:22:33 GMT; Path=/; Secure; SameSite=None
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=2390624913052329021
content-length
0
date
Thu, 10 Jun 2021 00:22:33 GMT
Cookie set amazon
ap.lijit.com/beacon/ Frame 3488
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
2fe7d4c61b5ff8df86e2f196e838327ce1989b790dfd282b95ad5f76195455b4

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=276ff8e138bba4aa5ae5ff82
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjKxVLIyNDMyMbE0MTQ10VEyM0PlW6DxjYzR%2BBB5Y2Mjc3NTk1oAnA8QWw%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 10-Jun-2022 00:22:34 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=276ff8e138bba4aa5ae5ff82;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap1ams1

Redirect headers

Server
nginx
Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Length
0
Set-Cookie
ljt_reader=276ff8e138bba4aa5ae5ff82;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 85F6
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11905015314952651458
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11905015314952651458
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A_l68WkWykTAiqRVvH6O3QU; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Thu, 10 Jun 2021 00:22:33 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=11905015314952651458
set-cookie
tluid=11905015314952651458; Max-Age=7776000; Expires=Wed, 08 Sep 2021 00:22:33 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cm
bidswitch-eu.splicky.com/ Frame A4F7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=28089516-6d3a-4447-b279-e92369718e38
0
0
usersync
rtb.gumgum.com/ Frame A4F7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4f726f1d-b263-4f7b-7a92-d1b0eef6745c$ip$185.156.175.107
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-4f726f1d-b263-4f7b-7a92-d1b0eef6745c$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:48 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-4f726f1d-b263-4f7b-7a92-d1b0eef6745c$ip$185.156.175.107
Date
Thu, 10 Jun 2021 00:22:48 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame A4F7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=fc3f1a55-c981-11eb-b51e-0b7b74916066
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=fc3f1a55-c981-11eb-b51e-0b7b74916066
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:48 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=fc3f1a55-c981-11eb-b51e-0b7b74916066
Date
Thu, 10 Jun 2021 00:22:48 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
fc3f1a56-c981-11eb-b51e-0b7b74916066
services
sync.technoratimedia.com/ Frame A4F7 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:33 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
699844539
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame A4F7 		0
0
usersync
rtb.gumgum.com/ Frame A4F7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5af38b70-3836-4284-8717-31919a286191&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame A4F7
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=f0c200a6-600f-4ea8-afec-d51b7d80d7a2
date
Thu, 10 Jun 2021 00:22:33 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A4F7 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_5af38b70-3836-4284-8717-31919a286191
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D62D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTE=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk4kEGu2OYu93Z5ONX81IRXI5F4LFxAu_XJxc3kdx-iXvVo-qS36NwlGQzj5ws
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Thu, 10 Jun 2021 00:22:33 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EEE1 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=40868
expires
Thu, 10 Jun 2021 11:43:44 GMT
date
Thu, 10 Jun 2021 00:22:36 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame BB85 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
200000000000000002020008
server
33XP005
date
Thu, 10 Jun 2021 00:22:36 GMT
um
cs.emxdgt.com/ Frame 310F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Thu, 10 Jun 2021 00:22:33 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame E092
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls504AAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls504AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YMFbUMCo5sEAAAls504AAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Thu, 10 Jun 2021 00:22:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YMFbUMCo5sEAAAls504AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YMFbUMCo5sEAAAls504AAAAA; path=/; expires=Sat, 10-Jun-23 00:22:40 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
2
X-SO-HostName
a-ad40298.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":14,"gdpr":false,"ipv4":"185.156.175.107","key":"YMFbUMCo5sEAAAls504AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40298"}
X-SO-Key
YMFbUMCo5sEAAAls504AAAAA
X-SO-IP
185.156.175.107
X-SO-Cluster-ID
14
X-SO-Upstream-ID
a-ad40298
cm
p.rfihub.com/ Frame 9A12 		0
0
casale
match.adsrvr.org/track/cmf/ Frame 20A2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMFbSGKU0Ksl.eiRobrDDQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 20A2 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:46 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 20A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOWuD_KGZwqGHFpcTyVNtj4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOWuD_KGZwqGHFpcTyVNtj4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:33 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOWuD_KGZwqGHFpcTyVNtj4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 20A2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMFbSGKU0Ksl.eiRobrDDQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhPXQd2pOKdVH6pCJNSVpw&google_cver=1&google_hm=2
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhPXQd2pOKdVH6pCJNSVpw&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:33 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHhPXQd2pOKdVH6pCJNSVpw&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YMFbSGKU0Ksl.eiRobrDDQAA%261117
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 20A2 		0
0
rum
dsum-sec.casalemedia.com/ Frame 20A2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=X8pH7lyYEOZEmxLnD84Jul3LHL5EnxfmDclbhijA
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=X8pH7lyYEOZEmxLnD84Jul3LHL5EnxfmDclbhijA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:33 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=X8pH7lyYEOZEmxLnD84Jul3LHL5EnxfmDclbhijA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 20A2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623284567.629080,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
index
dmp.brand-display.com/cm/api/ Frame 20A2 		0
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 20A2 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:33 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
j.ad
a.tribalfusion.com/ Frame 927E 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/ROS/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f61b94954d7412fb16b4df2d0296bfcd46546aab0bafa7ee3b400a105e931fef

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:33 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
2689
cf-request-id
0a94e5b00d0000d6b51307d000000001
Pragma
no-cache
X-Function
101
Server
cloudflare
X-Reuse-Index
1
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, proxy-revalidate
CF-RAY
65ce722cee8bd6b5-FRA
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3984 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDQInY6XUAQQAIbx0KV-jEAJPOWcDWkRUDQScTDHk_Z9uVlAHrM8KhesU-ehPUGjAqLNfDOPrhOcyULAaFjileTBGdNNnVGKgFXa0TFfSd77TGzrUTp_z6yc5X4xINRYYFSX9n1lNKREROClv09bD-ilXuVx2MTtK3yOM9yXgEQn7KxJS_2hv6X-v5C9VohZI8i5ifuz_UH4ku5LK9o7yCVPeELJfON-W4Yv9iH_sZBoyh3dn7AWAPbmlS5oYz9kVDunHxWWi54geDIzCK_q0t6euTg8QuqbYQRTFniY6CTubFUVHhtAAB-m5nDtyJ_m1iOU4NSPrLa4FpM498wdH-VcyVg4aKSK-5x8cn-w&sig=Cg0ArKJSzLT25QKsdJudEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Jun 2021 00:22:33 GMT
Cookie set p.media
a.tribalfusion.com/ Frame E180 		440 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvdWVM22rToodItXTXn3d3ZdQVFZc4mQZamdApTHJ6YrnkXUbjXTeNRUJEWFJYVdYWmUYvPFjs1EMt5aFe4q3PmqMKXFUcWHJVoAnBnGrqmWnE2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWPvM3VQWYrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQqZcLLfX&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ce331da06be9af85d81ad9b9524c9d1cf2c2f2229eb9e319d53a82ff1b368b

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
22
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=aDnpe3rwZayqQXwrUPWGw1ZbUaTLR1G3q6UmTPfuXKM1R2QS4NZaeT0; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=aDnpe3rwZayqQXwrUPWGw1ZbUaTLR1G3q6UmTPfuXKM1R2QS4NZaeT0; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b0cc0000d6b50d2f4000000001
Server
cloudflare
CF-RAY
65ce722e1fb2d6b5-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame B33F 		522 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY3XUrZcU66p2PrbPmjD3HrO0HnCndEv36YV5cr7UsQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPbExRH7kVcbP2FTrodiOXqXw3HMFPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEBAXUf6TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7tqmH7N&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee50d0b272120afdf86764b6dbdce40d5eebaaa5044f36be7924b95a83ad3649

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
8
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=aDnpe3rwZayqQXwrUPWGw1ZbUaTLR1G3q6UmTPfuXKM1R2QS4NZaeT0; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=aDnpe3rwZayqQXwrUPWGw1ZbUaTLR1G3q6UmTPfuXKM1R2QS4NZaeT0; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b0d40000175e3f394000000001
Server
cloudflare
CF-RAY
65ce722e28b0175e-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame FD4F 		500 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=apmTw7oTbD1rZb9UdJSnAQIpGUupt7C3Tr73dAy5A7ZbprMLXVnQXs3V1GFOpab33bFUTUvEWPnTPajSQsUrStjN1HfqVmYn3GBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo5mU05cjeVs3aUc78SmQOWWYRWrj22retVaQsWEJbSTYFSGQJRrZavSdjdVVYR5b6oodIo0aav2WYFPsFH4PJHmdXyVWZbZcXVrUt12ZatH&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebf8c889620effeddc8a3758961a2e15c5ece40f7e930eaa67095cfd3d43117

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
6
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=ainpe3t3ern6AxvVBRAv9BXHa2Ul8hxAFd2m2C4MmZb10va4NZajZaU; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=ainpe3t3ern6AxvVBRAv9BXHa2Ul8hxAFd2m2C4MmZb10va4NZajZaU; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b0d500004a5666933000000001
Server
cloudflare
CF-RAY
65ce722e2e5b4a56-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 02CC 		399 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aqmTw7PHvdUVMV2Umsotus0qXO4tQBQVZbZa46vFodAtVWJaXrnbXFB91aIpPUUZcUbB0TdB3mbBxPrMyYT3q3Tjl4Tn4mEBKXbUhTtMWoA3ZdpGvwptMB5qMj2Hmr3AbGnbnHXVfX1sQ5XGbnmqjS5bYSTF7CVPU1QTY4PsZbtStZbr1dvpT6Qp3srXYFnBUPip2PnbRmnA2dnr1dnLnH2o36BY3snZdTUUVq6JEl0&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a9937c6565c5ac4c13501e4dfdfb028b7f93bfebf5f320058724c5d19e2263f

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
17
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=a5npe3sjyDymTFMcEJZbfwF2saNQk8MN73oymrA2la5UIYH4NZaiDZb; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=a5npe3sjyDymTFMcEJZbfwF2saNQk8MN73oymrA2la5UIYH4NZaiDZb; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b0d500002b12a0aa8000000001
Server
cloudflare
CF-RAY
65ce722e2b0a2b12-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 58AC 		507 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=armTw74sY40UUKV6ys4Av7R6nA3tnr1dvAntim56YR3srbTsQcVsb8SPvyWWY4UbMY5rToWaMvVqBjQEYZbQVfJPFerRW3kVsb35r6qodAn0qmp3WrEPsJF5AJZamdEyTHFeXrfi1FZbgXaeMSF3AWb32TtY1nbbqQFJnXTFs3TZba4q7YoTJI1FJ7WWFUn6fIpG3tmWbD3qnh2HAr56vGprbE0GrOYUYjvto2Jw&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a2f1f6f32cae16ff5f42922319ccabd7f6c2103fae4ac3e9ee080d86c2b9f6

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
1
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=apnpe3RkP6M6eCnq6odZbdvOUZaJsyKdrRYEQoTFSwedMvvO4NZa9Kd; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure; ANON_ID_old=apnpe3RkP6M6eCnq6odZbdvOUZaJsyKdrRYEQoTFSwedMvvO4NZa9Kd; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
Vary
Accept-Encoding
Expires
0
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b0d900004db801806000000001
Server
cloudflare
CF-RAY
65ce722e28d94db8-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 7719 		411 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=asmTw71rZb8WHbSn67KnGrpmH3G5Trf2HIN5PJEnrMZd0GnUYs331V7nmTFP5bY5VrnHUPf4PTrQQGFOQdZbMYtBpVPrO2cMWYUZbBUAir2PvcR6bK2WFp0tvJmW2v363Y5cvfTsJlUsfhPPYoTHQPWF755bZaqVaYsWEr6PEBZdQVJCPbuoPHUiVsrP5FupnHqs0qTN4tfFQsJG5AvZaoHXyVWQh0brLYcFXsPCYuK&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75620f0ba09738161676e992fa799aebf1ad97407f2d4b49613cf48fcf9b0e19

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
2
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=aanpe3x2eNNSE0UdaqKXLaXV2MSxCwuRnq39fG3ZbETWxbD4NZa5Zaq; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=aanpe3x2eNNSE0UdaqKXLaXV2MSxCwuRnq39fG3ZbETWxbD4NZa5Zaq; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b0da00004e68d0342000000001
Server
cloudflare
CF-RAY
65ce722e2e194e68-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame DF73 		457 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=atmTw7UVMT2FunmHAMYT6w4drEPsBA2AnHoteNTWJ60bn7YFBe1qiMSbrDWb3PVHJ4obYnPFbNYaZbN5EZbi2aYYmajEYbfhWWM0nmfZcpGUqmHnJ3a3e3Wet4mvZbprvEXVMYYsFTXVjupTb42rQQTrjBUAnXQTQ4PsnoPdUOYt7uVmbu4srUXrMJTm2o5mZb7R6BH4HBr0dMKmWiv5ABY3sjgVcUIWU7YmAmwed&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198745a1e8c714850d87cbb59efa7858216537ab97735ec5442ed10c3ed4fee6

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
22
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=ajnpe3OleqoPZabppyNHJhf5r6ZcUZas1p7j30bBIPZaPqTYQu4NZaVre; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=ajnpe3OleqoPZabppyNHJhf5r6ZcUZas1p7j30bBIPZaPqTYQu4NZaVre; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b1800000d6b5040c6000000001
Server
cloudflare
CF-RAY
65ce722f38dad6b5-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 153B 		473 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aumTw70UUIVmqn2AU7P6jD4Wvo1WrKmdao5mn15sr7VcQ8WsbfSA3oTdvSWF7S3r2nUabpVEYlQqJHSGJKRrAoRtn6WG3T4r6vnWqm0q2M4dMZdPsfG4PrLpWXtVWZbhXrMjYFY7Xq6qPbUZbTrU4THUXorBtQFBnXTvp4EUk2avRmEMD1r7fTdFPmm7Jmc7pmHUE5TBh3HZaq4mJZbnUbE0Gf01cYp0rbKtUAuAt&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fdcf154302a87b6f9cf33033bf07c3c3fc8238794eae4f5faaa478fd23f277a

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
1
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=afnpe3mge0nousnG6wKeRAYdAKRlgBvCU65Srv2ZdfX4LMW4NZaVgK; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure; ANON_ID_old=afnpe3mge0nousnG6wKeRAYdAKRlgBvCU65Srv2ZdfX4LMW4NZaVgK; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
Vary
Accept-Encoding
Expires
0
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b18000002b12ad80d000000001
Server
cloudflare
CF-RAY
65ce722f3c2c2b12-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 307A 		579 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=avmTw7WHbSoAnKpVrsmWbA5Evi5dep4ABGnbUGXGnQ1c3Y0V7wmE742UvRTrjZbWP73RTj1Qs3MQW3t1d7mT63u2GQYXFrITPiu56ZbdR6JE4WUO1d3Kmtem4PBR3sngTs3kWsM6PAQxWdY3TUf35UAtUqMrWEM6PEMKRGQIRr6vRW7dUVQ55bXqnHZaMYTew4dYCSVvG4ArZbpWetTtQh0bfk1UFG0WeGq8wobC&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=afmneMS6nmWW3VTFb52bAn1HnCQli9oR&a=1&adContainerId=richmedia_2&rnd=4482526
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10eb6332f4978a4ee7ef166e0062d9cf47d49e7e106f4e2bce42e383e7d5a1b7

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
1
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=a3npe3M0inx9PBmUTHAhp02DeBQ2cpM9frQ6uD1ZcyX0XUT4NZa5qC; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=a3npe3M0inx9PBmUTHAhp02DeBQ2cpM9frQ6uD1ZcyX0XUT4NZa5qC; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b1e000004a567f2d2000000001
Server
cloudflare
CF-RAY
65ce722fc8ac4a56-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
728x90.jpg
cdnx.tribalfusion.com/media/10042196/ Frame 927E 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdnx.tribalfusion.com/media/10042196/728x90.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eadea86431f8599b51b8f9c5fa3b5ac4fefb7e9d6bb0c9fe2280900d86d89d47

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:33 GMT
CF-Cache-Status
HIT
Age
61366
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
18625
cf-request-id
0a94e5b0e20000c277b79f0000000001
X-Function
301
Last-Modified
Mon, 31 May 2021 12:44:21 GMT
Server
cloudflare
ETag
1622465061
Vary
Accept-Encoding
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Origin
*
Cf-Bgj
h2pri
Cache-Control
public
Accept-Ranges
bytes
CF-RAY
65ce722e3cf1c277-FRA
Expires
Tue, 31 Dec 2030 00:00:00 GMT
B25815549.304512015;dc_pre=CJGHkZrmi_ECFTXXEQgdG9QMuw;dc_trk_aid=497111762;dc_trk_cid=149936816;ord=500371489;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=...
ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/ Frame 927E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25815549.304512015;dc_trk_aid=497111762;dc_trk_cid=149936816;ord=500371489;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25815549.304512015;dc_pre=CJGHkZrmi_ECFTXXEQgdG9QMuw;dc_trk_aid=497111762;dc_trk_cid=149936816;ord=500371489;dc_lat=;dc_rdid=;tag_for...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25815549.304512015;dc_pre=CJGHkZrmi_ECFTXXEQgdG9QMuw;dc_trk_aid=497111762;dc_trk_cid=149936816;ord=500371489;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25815549.304512015;dc_pre=CJGHkZrmi_ECFTXXEQgdG9QMuw;dc_trk_aid=497111762;dc_trk_cid=149936816;ord=500371489;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_impression.gif
beacon.krxd.net/ Frame 927E 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=25815549&advertiserid=9642282&placementid=304512015&adid=497111762&creativeid=149936816&siteid=6596925
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.36.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-36-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=50 t=1623284555
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
impression_pixel
t.myvisualiq.net/ul_cb/ Frame 927E
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=500371489&et=i&ago=212&ao=993&aca=25815549&si=6596925&ci=149936816&pi=304512015&ad=497111762&advt=9642282&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=500371489&et=i&ago=212&ao=993&aca=25815549&si=6596925&ci=149936816&pi=304512015&ad=497111762&advt=9642282&chnl=-7&vndr=115&sz=9675&u={AuctionID};&v...
43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=500371489&et=i&ago=212&ao=993&aca=25815549&si=6596925&ci=149936816&pi=304512015&ad=497111762&advt=9642282&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did=%pdevice=!;&pt=I
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.68.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=500371489&et=i&ago=212&ao=993&aca=25815549&si=6596925&ci=149936816&pi=304512015&ad=497111762&advt=9642282&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did=%pdevice=!;&pt=I
Date
Thu, 10 Jun 2021 00:22:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
visit.jpg
tps.doubleverify.com/ Frame 927E 		305 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=25815549&sid=6596925&plc=304512015&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=0
Content-Length
142
Expires
6/9/2021 12:22:35 AM
truncated
/ Frame 927E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
688b9a81997c0b9b2f47f30f4cb93c8eae78107d089650e79f284a331468df90

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
displayAd.js
a.tribalfusion.com/ Frame 758E 		680 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/displayAd.js?dver=0.9&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/Article/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2214181039daf9d64f6d6d384829027ee15c0fe26f2545c23a7cc1e66f4604

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
331
cf-request-id
0a94e5b1e20000175e3cbef000000001
X-Function
153
Last-Modified
Tue, 01 Jun 2021 04:13:16 GMT
Server
cloudflare
X-Reuse-Index
6
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
CF-RAY
65ce722fda30175e-FRA
Expires
Wed, 08 Sep 2021 00:22:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 927E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnWa1FD6TWJYhso85-hpPlQgaIu6wOj0RqRjeM9dIuF3-yuYRN5QC9hHEAQ5ISHGuJVyTdKZKq0COrtg_sGBsoby04tzhsqmkWjdAx4oOCUl6LWf1uxEK3aROHTn2jyFlq1Nx2ePEkrRazPuuuLDf2De4JAbclyO1kR_w2mVfiKFvif8CRJUu3bG0FkvS_BGZ1SWyEqy-rUUY9MGlwzwVku4gwoyULLM3QLIFbs2qlKXCArHmiKcbcHzhNnEfhbiCgfa8wyGgT2T_y6KEeM7MM_k3ZGEF0SmHwBc3GzKuOOznHp3LqFgHS7U6zXTOpzrZ-KfDPda7FHSlZeGmsDqmruSAb0PGmHg&sig=Cg0ArKJSzFupNqaTS41iEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Jun 2021 00:22:34 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=170702717969275&correlator=927061881128385&output=ldjh&impl=fifs&vrg=2021060301&ptt=17&gdpr=0&addtl_consent=1~&sc=0&sfv=1-0-38&ecs=20210610&iu_parts=21854935662%2CJustJared_Home%2CJustJared_Home_Mid_Right_300xFlex_InnerRail&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=divID%3Dhome_Mid_Right_300xFlex_InnerRail%26amznbid%3D2%26amznp%3D2%26reloaded%3Dload1&eri=1&cust_params=skin_width%3Dyes%26width%3D1600&cookie=ID%3Dfb18708d144b5179%3AT%3D1623284552%3AS%3DALNI_MZsEEPtn-39LZN61dLhDS_dE-1nMw&bc=23&abxe=1&lmt=1623284318&dt=1623284554032&dlt=1623284550544&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=980&adys=1275&adks=2990797554&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x680&msz=300x600&psts=AGkb-H9QvxGTDttUGy86DDdHKmCYdM6OtoOSpCmjfRajzYUSNsK8zwp9i4dWAqNtgKetgYmj1_G1t88Rgf79dxBhisjMiA%2CAGkb-H-YUO-zqQ887gbzOA6UFPpMyUwK91kgzGvj4Amyuk3GgloWRauThUEXnijGlkg6rdpX9XQjNpOz9Fy5Cprt70rEFQ%2CAGkb-H_oX82wGL1rAisutlyEaI_CH2JlhGZBujCKDE7EJx1vUT7B07yI5PaZHL5_9U-Y6vO4lAV7w37l_mgWZJEcWNNMDg&ga_vid=2019856573.1623284551&ga_sid=1623284553&ga_hid=2054784078&ga_fc=false&fws=4&ohw=300&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
49e327757815dbf393efb44776ae9942d9d90b8c801768483aa8f595ec875378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4055
x-xss-protection
0
google-lineitem-id
5347961182
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308656187
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=170702717969275&correlator=1522774951178398&output=ldjh&impl=fifs&vrg=2021060301&ptt=17&gdpr=0&addtl_consent=1~&sc=0&sfv=1-0-38&ecs=20210610&iu_parts=21854935662%2CJustJared_Home%2CJustJared_Home_InContent1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=divID%3Dhome_InContent1%26amznbid%3D2%26amznp%3D2%26reloaded%3Dload1&eri=1&cust_params=skin_width%3Dyes%26width%3D1600&cookie=ID%3Dfb18708d144b5179%3AT%3D1623284552%3AS%3DALNI_MZsEEPtn-39LZN61dLhDS_dE-1nMw&bc=23&abxe=1&lmt=1623284318&dt=1623284554046&dlt=1623284550544&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=469&adys=1437&adks=2713229645&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=610x10097&msz=610x330&psts=AGkb-H9QvxGTDttUGy86DDdHKmCYdM6OtoOSpCmjfRajzYUSNsK8zwp9i4dWAqNtgKetgYmj1_G1t88Rgf79dxBhisjMiA%2CAGkb-H-YUO-zqQ887gbzOA6UFPpMyUwK91kgzGvj4Amyuk3GgloWRauThUEXnijGlkg6rdpX9XQjNpOz9Fy5Cprt70rEFQ%2CAGkb-H_oX82wGL1rAisutlyEaI_CH2JlhGZBujCKDE7EJx1vUT7B07yI5PaZHL5_9U-Y6vO4lAV7w37l_mgWZJEcWNNMDg&ga_vid=2019856573.1623284551&ga_sid=1623284553&ga_hid=2054784078&ga_fc=false&fws=0&ohw=0&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
2730c5c36ad203407cf1083655cdda0ab2c9a8cfb9e3a8363687b444f25011e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4620
x-xss-protection
0
google-lineitem-id
5709375297
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138352161892
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame E180 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvdWVM22rToodItXTXn3d3ZdQVFZc4mQZamdApTHJ6YrnkXUbjXTeNRUJEWFJYVdYWmUYvPFjs1EMt5aFe4q3PmqMKXFUcWHJVoAnBnGrqmWnE2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWPvM3VQWYrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQqZcLLfX&mediaDataID=4056396&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce722f4a1d3233-FRA
cf-request-id
0a94e5b19200003233b02df000000001
i.match
s.tribalfusion.com/z/ Frame E180
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662182946732675
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEPufMOzq1XtewYLe3Ou4nQw&google_cver=1&google_ula=2786954,0
  • https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEPufMOzq1XtewYLe3Ou4nQw&google_cver=1&google_ula=2786954,0
43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEPufMOzq1XtewYLe3Ou4nQw&google_cver=1&google_ula=2786954,0
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvdWVM22rToodItXTXn3d3ZdQVFZc4mQZamdApTHJ6YrnkXUbjXTeNRUJEWFJYVdYWmUYvPFjs1EMt5aFe4q3PmqMKXFUcWHJVoAnBnGrqmWnE2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWPvM3VQWYrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQqZcLLfX&mediaDataID=4056396&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce72309b822b35-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0a94e5b25e00002b352a868000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
94
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce722f89f42b35-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEPufMOzq1XtewYLe3Ou4nQw&google_cver=1&google_ula=2786954,0
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a94e5b1b100002b35bb110000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 02CC 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aqmTw7PHvdUVMV2Umsotus0qXO4tQBQVZbZa46vFodAtVWJaXrnbXFB91aIpPUUZcUbB0TdB3mbBxPrMyYT3q3Tjl4Tn4mEBKXbUhTtMWoA3ZdpGvwptMB5qMj2Hmr3AbGnbnHXVfX1sQ5XGbnmqjS5bYSTF7CVPU1QTY4PsZbtStZbr1dvpT6Qp3srXYFnBUPip2PnbRmnA2dnr1dnLnH2o36BY3snZdTUUVq6JEl0&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce722f5a1e3233-FRA
cf-request-id
0a94e5b19200003233d5146000000001
i.match
s.tribalfusion.com/z/ Frame 02CC
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662182946732675
  • https://a.tribalfusion.com/i.match?p=b23&u=164900603813000002667
  • https://s.tribalfusion.com/z/i.match?p=b23&u=164900603813000002667
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b23&u=164900603813000002667
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aqmTw7PHvdUVMV2Umsotus0qXO4tQBQVZbZa46vFodAtVWJaXrnbXFB91aIpPUUZcUbB0TdB3mbBxPrMyYT3q3Tjl4Tn4mEBKXbUhTtMWoA3ZdpGvwptMB5qMj2Hmr3AbGnbnHXVfX1sQ5XGbnmqjS5bYSTF7CVPU1QTY4PsZbtStZbr1dvpT6Qp3srXYFnBUPip2PnbRmnA2dnr1dnLnH2o36BY3snZdTUUVq6JEl0&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce7230fbff2b35-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0a94e5b29b00002b351b38c000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
4084
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce722fda8f2b35-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b23&u=164900603813000002667
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a94e5b1e800002b35ef9b0000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame FD4F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=apmTw7oTbD1rZb9UdJSnAQIpGUupt7C3Tr73dAy5A7ZbprMLXVnQXs3V1GFOpab33bFUTUvEWPnTPajSQsUrStjN1HfqVmYn3GBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo5mU05cjeVs3aUc78SmQOWWYRWrj22retVaQsWEJbSTYFSGQJRrZavSdjdVVYR5b6oodIo0aav2WYFPsFH4PJHmdXyVWZbZcXVrUt12ZatH&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce722fdaa83233-FRA
cf-request-id
0a94e5b1e500003233e9183000000001
usermatch.gif
beacon.krxd.net/ Frame FD4F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662182946732675&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b22&u=18072662182946732675&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662182944508513
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662182944508513
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=apmTw7oTbD1rZb9UdJSnAQIpGUupt7C3Tr73dAy5A7ZbprMLXVnQXs3V1GFOpab33bFUTUvEWPnTPajSQsUrStjN1HfqVmYn3GBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo5mU05cjeVs3aUc78SmQOWWYRWrj22retVaQsWEJbSTYFSGQJRrZavSdjdVVYR5b6oodIo0aav2WYFPsFH4PJHmdXyVWZbZcXVrUt12ZatH&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.36.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-36-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1623284555
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce72310c0b2b35-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662182944508513
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a94e5b2a100002b352a86b000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame B33F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY3XUrZcU66p2PrbPmjD3HrO0HnCndEv36YV5cr7UsQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPbExRH7kVcbP2FTrodiOXqXw3HMFPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEBAXUf6TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7tqmH7N&mediaDataID=5436426&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce722fdaae3233-FRA
cf-request-id
0a94e5b1e900003233aa1c3000000001
tap.php
pixel.rubiconproject.com/ Frame B33F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662182946732675&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u=18072662182946732675&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662182946826614&expires=180
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662182946826614&expires=180
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY3XUrZcU66p2PrbPmjD3HrO0HnCndEv36YV5cr7UsQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPbExRH7kVcbP2FTrodiOXqXw3HMFPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEBAXUf6TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7tqmH7N&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
344
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce7230fbfc2b35-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662182946826614&expires=180
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a94e5b29b00002b35fbb55000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 7719 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=asmTw71rZb8WHbSn67KnGrpmH3G5Trf2HIN5PJEnrMZd0GnUYs331V7nmTFP5bY5VrnHUPf4PTrQQGFOQdZbMYtBpVPrO2cMWYUZbBUAir2PvcR6bK2WFp0tvJmW2v363Y5cvfTsJlUsfhPPYoTHQPWF755bZaqVaYsWEr6PEBZdQVJCPbuoPHUiVsrP5FupnHqs0qTN4tfFQsJG5AvZaoHXyVWQh0brLYcFXsPCYuK&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce722ffad43233-FRA
cf-request-id
0a94e5b1f700003233dba05000000001
i.match
a.tribalfusion.com/ Frame 7719
Redirect Chain
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662182946732675&_origin=1&redir=true
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662182946732675&_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662182946732675&_origin=1&redir=true&apid=UPf3c79711-c981-11eb-8a62-023b6a5161f8
  • https://a.tribalfusion.com/i.match?p=b17&u=UPf3c79711-c981-11eb-8a62-023b6a5161f8
43 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b17&u=UPf3c79711-c981-11eb-8a62-023b6a5161f8
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=asmTw71rZb8WHbSn67KnGrpmH3G5Trf2HIN5PJEnrMZd0GnUYs331V7nmTFP5bY5VrnHUPf4PTrQQGFOQdZbMYtBpVPrO2cMWYUZbBUAir2PvcR6bK2WFp0tvJmW2v363Y5cvfTsJlUsfhPPYoTHQPWF755bZaqVaYsWEr6PEBZdQVJCPbuoPHUiVsrP5FupnHqs0qTN4tfFQsJG5AvZaoHXyVWQh0brLYcFXsPCYuK&mediaDataID=6347136&mediaName=frame.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce72310cbd073e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0a94e5b2a70000073e7c913000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://a.tribalfusion.com/i.match?p=b17&u=UPf3c79711-c981-11eb-8a62-023b6a5161f8
Connection
keep-alive
Content-Length
0
beacon.min.js
static.cloudflareinsights.com/ Frame 58AC 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=armTw74sY40UUKV6ys4Av7R6nA3tnr1dvAntim56YR3srbTsQcVsb8SPvyWWY4UbMY5rToWaMvVqBjQEYZbQVfJPFerRW3kVsb35r6qodAn0qmp3WrEPsJF5AJZamdEyTHFeXrfi1FZbgXaeMSF3AWb32TtY1nbbqQFJnXTFs3TZba4q7YoTJI1FJ7WWFUn6fIpG3tmWbD3qnh2HAr56vGprbE0GrOYUYjvto2Jw&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce72302b0b3233-FRA
cf-request-id
0a94e5b21d00003233c436c000000001
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 58AC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662182946732675&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b24&u=18072662182946732675&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662182944329157
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662182944329157
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=armTw74sY40UUKV6ys4Av7R6nA3tnr1dvAntim56YR3srbTsQcVsb8SPvyWWY4UbMY5rToWaMvVqBjQEYZbQVfJPFerRW3kVsb35r6qodAn0qmp3WrEPsJF5AJZamdEyTHFeXrfi1FZbgXaeMSF3AWb32TtY1nbbqQFJnXTFs3TZba4q7YoTJI1FJ7WWFUn6fIpG3tmWbD3qnh2HAr56vGprbE0GrOYUYjvto2Jw&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
144.25.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
472
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce72313c622b35-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662182944329157
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a94e5b2c800002b35fe2a3000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C77F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsur9kLoRr-laqiisyPqIel3Yx54xzyFCyzPdesmazFveH88qiJlogZUpUK0eC8eUNiUuZ44gERDnngyfpwCjZf0MvG54OM4hp2otYJfN4VxDk_FdKsIkYyJbwJNz4b2JS8t80DBwJRcG9bEZCt2Pxq2RafdUlcDJrEBBytO969-OEihYfvxlbf867jmO6zolDR53n5z4nRsvUkzzyBeqUcZUWLA281lYS8GiaJk3nMoVjI64PnvFXgp07m-ArFjrWM5mXXvXht3zWG9vW9DNcEdUzIxfaVfw7pzj3vcKIx1pE2Uhw07qB_zgpAtPhnJPhG96Cv9hQsvNP2ozuxMyywIYH-8stBbYtAfy6jiycf_sy1r-yBomiVVhMlLLMSnqQXiuI9bfAJtptB726SzPwXczu3Ha5zzYJY&sig=Cg0ArKJSzCx6NXQlb30VEAE&urlfix=1&adurl=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/JustJared1/FlexHome/ Frame C77F 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.expo9.exponential.com/tags/JustJared1/FlexHome/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
HTTP/1.1
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4aad772c25f048a20f838024ad793352624f5d64ff8d92d24f8d3e58f3e4683

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
14112
cf-request-id
0a94e5b28400004a9d1c9a2000000001
X-Function
151
Last-Modified
Tue, 01 Jun 2021 04:13:17 GMT
Server
cloudflare
X-Reuse-Index
2
ETag
3157879084785276625
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, private
CF-RAY
65ce7230dec24a9d-FRA
Expires
Thu, 10 Jun 2021 01:22:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C77F 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:34 GMT
5347961182
dfp-gateway.s-onetag.com/1/21854935662/ 		116 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/21854935662/5347961182
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-116.cdg50.r.cloudfront.net
Software
/
Resource Hash
ced8ffd5f64a8d4ada571057bd26b22fe590ae694f624b167e56d5294da8dc6d

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 05:57:31 GMT
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront), 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
age
66303
x-amzn-requestid
c49b7f4a-1cd1-4e17-bfd6-16c226059078
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-60c0584b-4a4aeab9436b93fd22a9295d;Sampled=0
x-amz-cf-pop
FRA56-C2, CDG50-P2
x-amz-apigw-id
ApK74GaSCYcF-9A=
content-length
116
x-amz-cf-id
j41MWx8_pQIPUvwbd52nR4ELQt6BUOZqQCkDQC3yoxKLPxmrX5cTrA==
event
prebid-a.rubiconproject.com/ 		0
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
view
securepubads.g.doubleclick.net/pcs/ Frame 9F27 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F27 		0
0
5709375297
dfp-gateway.s-onetag.com/1/21854935662/ 		116 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/21854935662/5709375297
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-116.cdg50.r.cloudfront.net
Software
/
Resource Hash
357b7a8c6a18c7e4a61f550857c7664a144588923da63b8bb98cfe6f4c50c375

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 04:07:58 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront), 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
age
72876
x-amzn-requestid
b9542d8b-23cf-4c1c-91a5-870dc659018d
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-60c03e9e-386e534b7df2037f40fc69d8;Sampled=0
x-amz-cf-pop
FRA50-C1, CDG50-P2
x-amz-apigw-id
Ao64vEyJiYcFjqw=
content-length
116
x-amz-cf-id
gZT8ji7O8IWXzGxJGvoHS-bENTyXLYbE1Va8GIx4I2Bty1EARW8wnw==
event
prebid-a.rubiconproject.com/ 		0
0
2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2600:9000:218c:d200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4dbdcbe094e30b86787917637b30973c02cf2ef25d575c040dc72f3b9ee7829

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
p81uQrZu9kEDGHllCnrSnPorWgrQeM.5
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 09 Jun 2021 18:58:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CDG50-P1
ETag
W/"30512214b45d195fc4b635bafadd8b62"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 9c8fea304cc4dc64f018a09a43cea24b.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Date
Thu, 10 Jun 2021 00:22:34 GMT
Connection
keep-alive
X-Amz-Cf-Id
AfTJj9EwdNgw8xxhazVxyO-OBj_zAmyOMvMNxHilTinw4sgqmBtnpw==
j.ad
a.tribalfusion.com/ Frame 758E 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=article&center=1&env=display&size=300x250&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=ahmneMSUMZdWbYXWHQXnrZbo2cfFQliGlZc&a=3&adContainerId=richmedia_4&rnd=4481530
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/Article/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4628b6ab214412067e28526e84a0908da3243cc69654d9a51c296a26bf43aa8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
1599
cf-request-id
0a94e5b2990000d6b50d306000000001
Pragma
no-cache
X-Function
101
Server
cloudflare
X-Reuse-Index
3
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, proxy-revalidate
CF-RAY
65ce7230fa5ed6b5-FRA
Expires
0
beacon.min.js
static.cloudflareinsights.com/ Frame DF73 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=atmTw7UVMT2FunmHAMYT6w4drEPsBA2AnHoteNTWJ60bn7YFBe1qiMSbrDWb3PVHJ4obYnPFbNYaZbN5EZbi2aYYmajEYbfhWWM0nmfZcpGUqmHnJ3a3e3Wet4mvZbprvEXVMYYsFTXVjupTb42rQQTrjBUAnXQTQ4PsnoPdUOYt7uVmbu4srUXrMJTm2o5mZb7R6BH4HBr0dMKmWiv5ABY3sjgVcUIWU7YmAmwed&mediaDataID=2713736&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce7230fba33233-FRA
cf-request-id
0a94e5b29c00003233e8179000000001
i.match
a.tribalfusion.com/ Frame DF73
Redirect Chain
  • https://tags.bluekai.com/site/4229?id=18072662182946732675&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
  • https://a.tribalfusion.com/i.match?p=b3&u=Q0C2vy9999emuXaQ
43 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b3&u=Q0C2vy9999emuXaQ
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=atmTw7UVMT2FunmHAMYT6w4drEPsBA2AnHoteNTWJ60bn7YFBe1qiMSbrDWb3PVHJ4obYnPFbNYaZbN5EZbi2aYYmajEYbfhWWM0nmfZcpGUqmHnJ3a3e3Wet4mvZbprvEXVMYYsFTXVjupTb42rQQTrjBUAnXQTQ4PsnoPdUOYt7uVmbu4srUXrMJTm2o5mZb7R6BH4HBr0dMKmWiv5ABY3sjgVcUIWU7YmAmwed&mediaDataID=2713736&mediaName=frame.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce72389efb073e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0a94e5b7600000073ee483b000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://a.tribalfusion.com/i.match?p=b3&u=Q0C2vy9999emuXaQ
Date
Thu, 10 Jun 2021 00:22:35 GMT
Connection
keep-alive
Content-Length
0
BK-Server
16c0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
beacon.min.js
static.cloudflareinsights.com/ Frame 307A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=avmTw7WHbSoAnKpVrsmWbA5Evi5dep4ABGnbUGXGnQ1c3Y0V7wmE742UvRTrjZbWP73RTj1Qs3MQW3t1d7mT63u2GQYXFrITPiu56ZbdR6JE4WUO1d3Kmtem4PBR3sngTs3kWsM6PAQxWdY3TUf35UAtUqMrWEM6PEMKRGQIRr6vRW7dUVQ55bXqnHZaMYTew4dYCSVvG4ArZbpWetTtQh0bfk1UFG0WeGq8wobC&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce72312bcf3233-FRA
cf-request-id
0a94e5b2b600003233c4a87000000001
sd
us-u.openx.net/w/1.0/ Frame 307A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ac9b9233-0007-4413-985d-3df64c8f0cce
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662182946879246
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662182946879246
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=avmTw7WHbSoAnKpVrsmWbA5Evi5dep4ABGnbUGXGnQ1c3Y0V7wmE742UvRTrjZbWP73RTj1Qs3MQW3t1d7mT63u2GQYXFrITPiu56ZbdR6JE4WUO1d3Kmtem4PBR3sngTs3kWsM6PAQxWdY3TUf35UAtUqMrWEM6PEMKRGQIRr6vRW7dUVQ55bXqnHZaMYTew4dYCSVvG4ArZbpWetTtQh0bfk1UFG0WeGq8wobC&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1343
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce72319d91073e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662182946879246
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a94e5b2fb0000073ef3b27000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 153B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aumTw70UUIVmqn2AU7P6jD4Wvo1WrKmdao5mn15sr7VcQ8WsbfSA3oTdvSWF7S3r2nUabpVEYlQqJHSGJKRrAoRtn6WG3T4r6vnWqm0q2M4dMZdPsfG4PrLpWXtVWZbhXrMjYFY7Xq6qPbUZbTrU4THUXorBtQFBnXTvp4EUk2avRmEMD1r7fTdFPmm7Jmc7pmHUE5TBh3HZaq4mJZbnUbE0Gf01cYp0rbKtUAuAt&mediaDataID=6530936&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce72312bd13233-FRA
cf-request-id
0a94e5b2b900003233df828000000001
i.match
a.tribalfusion.com/ Frame 153B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662182946732675&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
  • https://a.tribalfusion.com/i.match?p=b20&u=YMFbSGKU0Ksl.eiRobrDDQAA
43 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b20&u=YMFbSGKU0Ksl.eiRobrDDQAA
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aumTw70UUIVmqn2AU7P6jD4Wvo1WrKmdao5mn15sr7VcQ8WsbfSA3oTdvSWF7S3r2nUabpVEYlQqJHSGJKRrAoRtn6WG3T4r6vnWqm0q2M4dMZdPsfG4PrLpWXtVWZbhXrMjYFY7Xq6qPbUZbTrU4THUXorBtQFBnXTvp4EUk2avRmEMD1r7fTdFPmm7Jmc7pmHUE5TBh3HZaq4mJZbnUbE0Gf01cYp0rbKtUAuAt&mediaDataID=6530936&mediaName=frame.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce72316d5f073e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0a94e5b2e30000073ea1a45000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://a.tribalfusion.com/i.match?p=b20&u=YMFbSGKU0Ksl.eiRobrDDQAA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
255
Expires
Thu, 10 Jun 2021 00:22:34 GMT
0d973e93-712c-4a2e-965d-e8d79c298b38.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/ 		383 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
HTTP/1.1
Server
2600:9000:218c:d200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d283fd53639dba4a2b284ccb118167072b939560a747ef179a5f93279ec4260a

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hOA6._zm3pn1aXiUqdftYNudjaCYi.A2
Content-Encoding
gzip
ETag
W/"955bf29ef81565b3ef15d61295fafa29"
Age
32
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 09 Jun 2021 18:58:07 GMT
Server
AmazonS3
Date
Thu, 10 Jun 2021 00:22:03 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 9c8fea304cc4dc64f018a09a43cea24b.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
CDG50-P1
X-Amz-Cf-Id
vxWL2v77IWqzgFW6fSCTHr0jngPcHZanQ4hAGpvlx5t2mKgmO59f8A==
/
geoip.insticator.com/json/ 		229 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7bef61f69be3c640d404e119c56ba80044049b57343bd73ee855bd013c33c642

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:36 GMT
access-control-allow-credentials
true
x-database-date
Wed, 09 Jun 2021 04:59:19 GMT
content-length
229
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 8025 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
76108511-12c7-4a14-a2f2-97ca1fa8df3c
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		175 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Protocol
HTTP/1.1
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
05de65bf444ae8b3ec5193542daa17d1a70b079e38c5cf83953d8d9594f920b9

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 19:21:20 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1121321-2ba76-5c431f23e6f2e"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=137306
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
57007
Expires
Fri, 11 Jun 2021 14:31:03 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		96 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc1341fdff2e16e13e656d5c06d22406cab87b5e3043bc625db9952afc04f7dd

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:50 GMT
Content-Encoding
gzip
Age
3290
X-Cache
HIT
Connection
keep-alive
Content-Length
22520
x-amz-id-2
pU0/0MxnhGzQfq9yvqw6dIejcto95PL+u1HVKVN1VoO3Rf22vPUqX7e6t6mVvQCOWq40D/0Obx0=
X-Served-By
cache-hhn4057-HHN
Last-Modified
Wed, 09 Jun 2021 22:59:36 GMT
Server
AmazonS3
X-Timer
S1623284570.054454,VS0,VE0
ETag
"ab161ba49ef81067eb3a3c428e09e308"
x-amz-request-id
Y9SJKHTYC40FGGGA
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
72
config
c.amazon-adsystem.com/cdn/prod/ 		382 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&u=http%3A%2F%2Fwww.justjared.com%2F
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
30333fcd41679759e25fefcc761f4e98e3ea023dce3eb36b86a15cb1cd90aba7

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 17:56:42 GMT
content-encoding
gzip
server
Server
age
23155
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-pop
CDG50-P2
content-length
265
via
1.1 31a1ed822e5cb0d9c8c86a015f42b7bf.cloudfront.net (CloudFront)
x-amz-cf-id
XeiQNlLdK7s7UHPF9jCGzsEXsCfj7DsM-cfASe90GxiI5cx3NUsGLg==
rum
a.tribalfusion.com/cdn-cgi/ Frame E180 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722e1fb2d6b5
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvdWVM22rToodItXTXn3d3ZdQVFZc4mQZamdApTHJ6YrnkXUbjXTeNRUJEWFJYVdYWmUYvPFjs1EMt5aFe4q3PmqMKXFUcWHJVoAnBnGrqmWnE2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWPvM3VQWYrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQqZcLLfX&mediaDataID=4056396&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce7231df1c2b12-FRA
vary
Origin
displayAd.js
a.tribalfusion.com/ Frame C77F 		678 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/displayAd.js?dver=0.9&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/FlexHome/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27bb6dfb9f15f7f2b1282311eb59214790162803b2c7e9c6a7f24d7835ea36f9

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
329
cf-request-id
0a94e5b34300002b1203941000000001
X-Function
153
Last-Modified
Tue, 01 Jun 2021 04:13:16 GMT
Server
cloudflare
X-Reuse-Index
27
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private
CF-RAY
65ce72320f3c2b12-FRA
Expires
Wed, 08 Sep 2021 00:22:34 GMT
Cookie set p.media
a.tribalfusion.com/ Frame 8A2C 		477 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=ammTw72avYoTbAXUZbcWWfQoA7ImsQopHQJ3TM93ter3A7JnbMIXcn0XcvXXsbonavW5FZbVVU7ZcW6fVPTMYScrsQHFv1t7sTPbn3GB00UvZbVmqw56nhPAfJ3dZbqXW3AntIn5mB13cv9VcUjVGflP6YMWdUQTbJ52r6tVajpTTQlQEBZcQVbCRb6sPtjbVsbV2F2soturXETv3WUEQcrZa2mJHmdEYTaZbPyyA9Tg&mediaDataID=9148826&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=article&center=1&env=display&size=300x250&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=ahmneMSUMZdWbYXWHQXnrZbo2cfFQliGlZc&a=3&adContainerId=richmedia_4&rnd=4481530
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2eee82dbc12dbb2736176fd340330e17ae82e29c665dca251d27598c4447e53

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
25
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=awnpe3yOZbSToJTyHrYLght5UXO0Lgf0nZaYXRrPT5uZdUYFX4NZaQ7p; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=awnpe3yOZbSToJTyHrYLght5UXO0Lgf0nZaYXRrPT5uZdUYFX4NZaQ7p; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b3490000d6b56da5c000000001
Server
cloudflare
CF-RAY
65ce72320b57d6b5-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 52FD 		645 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvcWGQV5b2oodAyYTyy3W3ZdQVFZc4mQZamdApTHJdXFnkXUbjXTeNRrJEWFJYVdYWmUYvPFjs1EMt5aFe4av2oEMKXFUcWHJVoAnBmsMqpWQA2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWAUv4cn0YrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQpmFBjU&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=article&center=1&env=display&size=300x250&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=ahmneMSUMZdWbYXWHQXnrZbo2cfFQliGlZc&a=3&adContainerId=richmedia_4&rnd=4481530
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e781beabe50c0ae2715a94f66b19d89cef82ef08a4523946f12cdabe434ae4de

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
2
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=a5npe3sjyDymTFMcEJZbfwF2saNQk8MN73oymrA2la5UIYH4NZaiDZb; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=a5npe3sjyDymTFMcEJZbfwF2saNQk8MN73oymrA2la5UIYH4NZaiDZb; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b34900004a56b0b35000000001
Server
cloudflare
CF-RAY
65ce72320bc44a56-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cookie set p.media
a.tribalfusion.com/ Frame 2C92 		919 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY5XbBBTmap2PrdPP7G4drO0HnCndEv36YV5crcTGQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPr6qRt7kVcbP2FTrodiOXq2N2HjHPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEfDXrF9TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7pM5wrX&mediaDataID=5207316&mediaName=frame.html
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=article&center=1&env=display&size=300x250&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=ahmneMSUMZdWbYXWHQXnrZbo2cfFQliGlZc&a=3&adContainerId=richmedia_4&rnd=4481530
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
064da82acd8872a2cc29ecdb3e5256d446b780a1b88f4d0d2e5cafab1cecaaa8

Request headers

Host
a.tribalfusion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DEVo TAIa OUR BUS"
X-Function
102
X-Reuse-Index
2
Pragma
no-cache
Cache-Control
private, no-cache, no-store, proxy-revalidate
Set-Cookie
ANON_ID=aunpe3wl6hmbQQw9PCHjpoRE6Za4i8kYnIWSbb8SZayLXgUV4NZahhZc; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT; SameSite=None; Secure;
Vary
Accept-Encoding
Expires
0
set-cookie
ANON_ID_old=aunpe3wl6hmbQQw9PCHjpoRE6Za4i8kYnIWSbb8SZayLXgUV4NZahhZc; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 00:22:34 GMT;
CF-Cache-Status
DYNAMIC
cf-request-id
0a94e5b34a0000175ee937f000000001
Server
cloudflare
CF-RAY
65ce72321c4c175e-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
300X250.jpg
cdnx.tribalfusion.com/media/10040096/ Frame 758E 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdnx.tribalfusion.com/media/10040096/300X250.jpg
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5bec43970e646e700bd0c887bc37944087479b629969427f9fe2916bf5b5754

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
CF-Cache-Status
HIT
Age
59938
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
30191
cf-request-id
0a94e5b3600000c277ef12c000000001
X-Function
301
Last-Modified
Fri, 28 May 2021 14:30:31 GMT
Server
cloudflare
ETag
1622212231
Vary
Accept-Encoding
Content-Type
image/jpeg; charset=utf-8
Access-Control-Allow-Origin
*
Cf-Bgj
h2pri
Cache-Control
public
Accept-Ranges
bytes
CF-RAY
65ce723238b6c277-FRA
Expires
Tue, 31 Dec 2030 00:00:00 GMT
B25944579.304320042;dc_pre=CNGLkZrmi_ECFYTnuwgdJcIHwA;dc_trk_aid=496913219;dc_trk_cid=151507519;ord=500373157;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=...
ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/ Frame 758E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25944579.304320042;dc_trk_aid=496913219;dc_trk_cid=151507519;ord=500373157;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25944579.304320042;dc_pre=CNGLkZrmi_ECFYTnuwgdJcIHwA;dc_trk_aid=496913219;dc_trk_cid=151507519;ord=500373157;dc_lat=;dc_rdid=;tag_for...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25944579.304320042;dc_pre=CNGLkZrmi_ECFYTnuwgdJcIHwA;dc_trk_aid=496913219;dc_trk_cid=151507519;ord=500373157;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1153793.3739983VDX.TV/B25944579.304320042;dc_pre=CNGLkZrmi_ECFYTnuwgdJcIHwA;dc_trk_aid=496913219;dc_trk_cid=151507519;ord=500373157;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_impression.gif
beacon.krxd.net/ Frame 758E 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=25944579&advertiserid=9642282&placementid=304320042&adid=496913219&creativeid=151507519&siteid=6596925
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.36.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-36-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=113 t=1623284555
x-served-by
beacon-n008-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
impression_pixel
t.myvisualiq.net/ Frame 758E 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/impression_pixel?r=500373157&et=i&ago=212&ao=993&aca=25944579&si=6596925&ci=151507519&pi=304320042&ad=496913219&advt=9642282&chnl=-7&vndr=115&sz=9675&u={AuctionID};&viq_did=%pdevice=!;&pt=I
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.68.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
visit.jpg
tps.doubleverify.com/ Frame 758E 		305 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=25944579&sid=6596925&plc=304320042&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=0
Content-Length
142
Expires
6/9/2021 12:22:35 AM
truncated
/ Frame 758E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6b9a3ebab04f35aa5b3532b44b1d4aba5659fb6cf39a4c1c3008c8f70fe7598

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
a.tribalfusion.com/cdn-cgi/ Frame 7719 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722e2e194e68
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=asmTw71rZb8WHbSn67KnGrpmH3G5Trf2HIN5PJEnrMZd0GnUYs331V7nmTFP5bY5VrnHUPf4PTrQQGFOQdZbMYtBpVPrO2cMWYUZbBUAir2PvcR6bK2WFp0tvJmW2v363Y5cvfTsJlUsfhPPYoTHQPWF755bZaqVaYsWEr6PEBZdQVJCPbuoPHUiVsrP5FupnHqs0qTN4tfFQsJG5AvZaoHXyVWQh0brLYcFXsPCYuK&mediaDataID=6347136&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce72323e5b4db8-FRA
vary
Origin
rum
a.tribalfusion.com/cdn-cgi/ Frame 02CC 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722e2b0a2b12
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aqmTw7PHvdUVMV2Umsotus0qXO4tQBQVZbZa46vFodAtVWJaXrnbXFB91aIpPUUZcUbB0TdB3mbBxPrMyYT3q3Tjl4Tn4mEBKXbUhTtMWoA3ZdpGvwptMB5qMj2Hmr3AbGnbnHXVfX1sQ5XGbnmqjS5bYSTF7CVPU1QTY4PsZbtStZbr1dvpT6Qp3srXYFnBUPip2PnbRmnA2dnr1dnLnH2o36BY3snZdTUUVq6JEl0&mediaDataID=7665496&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce72323bfe4e68-FRA
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 758E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAOmiaNqvyY7Sjdn92j_CEha2uiMTFlidL589TGbxSq8_0MAyv_5XqKvbQs8-A7sdNfbJg_-vANhhSmNjbczxp13fNmTwStZdayF8mlumTq_Pco0TtMW3uhMzY8wOveo2Fj234d-p8nJfXxyv-971ZC2mAq59-rS1mUnuOzcfXN3UNBOM78vhI0OLJtN2ShIyw2nOtL-fs1_JlZjHHVUtQ3oNwHSgEl9FMc9qDbPu8SliRyr8F1WN2Eor4jTSPIGUDK7GB3rqs9aZz0TVWvDFsefBNLW325nINlHT5eNZVW-BvZoTinmDWmqJ4IJloS_QjRVxj1EFKx6WuhNUvYWewFFzlPq7ZwSdQzsbGG5B0pXdMJG9dmf3Y&sig=Cg0ArKJSzEurprebPh37EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Jun 2021 00:22:34 GMT
rum
a.tribalfusion.com/cdn-cgi/ Frame 153B 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722f3c2c2b12
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aumTw70UUIVmqn2AU7P6jD4Wvo1WrKmdao5mn15sr7VcQ8WsbfSA3oTdvSWF7S3r2nUabpVEYlQqJHSGJKRrAoRtn6WG3T4r6vnWqm0q2M4dMZdPsfG4PrLpWXtVWZbhXrMjYFY7Xq6qPbUZbTrU4THUXorBtQFBnXTvp4EUk2avRmEMD1r7fTdFPmm7Jmc7pmHUE5TBh3HZaq4mJZbnUbE0Gf01cYp0rbKtUAuAt&mediaDataID=6530936&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce72328ca24e68-FRA
vary
Origin
rum
a.tribalfusion.com/cdn-cgi/ Frame 307A 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722fc8ac4a56
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=avmTw7WHbSoAnKpVrsmWbA5Evi5dep4ABGnbUGXGnQ1c3Y0V7wmE742UvRTrjZbWP73RTj1Qs3MQW3t1d7mT63u2GQYXFrITPiu56ZbdR6JE4WUO1d3Kmtem4PBR3sngTs3kWsM6PAQxWdY3TUf35UAtUqMrWEM6PEMKRGQIRr6vRW7dUVQ55bXqnHZaMYTew4dYCSVvG4ArZbpWetTtQh0bfk1UFG0WeGq8wobC&mediaDataID=6546596&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce7232dcfe4e68-FRA
vary
Origin
j.ad
a.tribalfusion.com/ Frame C77F 		652 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=flexhome&center=1&env=display&size=300x250,300x600,160x600&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=apmneMnaJK1FZb8TtbWnArIMrMBQliPGO&a=5&adContainerId=richmedia_6&rnd=4482935
Requested by
Host: tags.expo9.exponential.com
URL: http://tags.expo9.exponential.com/tags/JustJared1/FlexHome/tags.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f38cb3352201a843dc2646083934f8c2bccb8d9bcb151d4f0fb8e1333bb0156

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
368
cf-request-id
0a94e5b3ec00002b12ad82c000000001
Pragma
no-cache
X-Function
101
Server
cloudflare
X-Reuse-Index
41
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, proxy-revalidate
CF-RAY
65ce723318852b12-FRA
Expires
0
beacon.min.js
static.cloudflareinsights.com/ Frame 52FD 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvcWGQV5b2oodAyYTyy3W3ZdQVFZc4mQZamdApTHJdXFnkXUbjXTeNRrJEWFJYVdYWmUYvPFjs1EMt5aFe4av2oEMKXFUcWHJVoAnBmsMqpWQA2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWAUv4cn0YrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQpmFBjU&mediaDataID=6719746&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce72332d9d3233-FRA
cf-request-id
0a94e5b3f600003233002c1000000001
i.match
a.tribalfusion.com/ Frame 52FD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621829...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621829...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662182946732675&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=243001C2-55CB-49FA-8475-D0132988CDB5
43 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b11&u=243001C2-55CB-49FA-8475-D0132988CDB5
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvcWGQV5b2oodAyYTyy3W3ZdQVFZc4mQZamdApTHJdXFnkXUbjXTeNRrJEWFJYVdYWmUYvPFjs1EMt5aFe4av2oEMKXFUcWHJVoAnBmsMqpWQA2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWAUv4cn0YrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQpmFBjU&mediaDataID=6719746&mediaName=frame.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce723e4f81073e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0a94e5baea0000073ea1ac2000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b11&u=243001C2-55CB-49FA-8475-D0132988CDB5
date
Thu, 10 Jun 2021 00:22:36 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:346
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
beacon.min.js
static.cloudflareinsights.com/ Frame 8A2C 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=ammTw72avYoTbAXUZbcWWfQoA7ImsQopHQJ3TM93ter3A7JnbMIXcn0XcvXXsbonavW5FZbVVU7ZcW6fVPTMYScrsQHFv1t7sTPbn3GB00UvZbVmqw56nhPAfJ3dZbqXW3AntIn5mB13cv9VcUjVGflP6YMWdUQTbJ52r6tVajpTTQlQEBZcQVbCRb6sPtjbVsbV2F2soturXETv3WUEQcrZa2mJHmdEYTaZbPyyA9Tg&mediaDataID=9148826&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce72332da83233-FRA
cf-request-id
0a94e5b3fb00003233b8000000000001
i.match
a.tribalfusion.com/ Frame 8A2C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662182946732675&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662182946732675&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=f41743a1-c981-11e...
  • https://a.tribalfusion.com/i.match?p=b19&u=f4174368-c981-11eb-ae84-194044dd0506
43 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b19&u=f4174368-c981-11eb-ae84-194044dd0506
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=ammTw72avYoTbAXUZbcWWfQoA7ImsQopHQJ3TM93ter3A7JnbMIXcn0XcvXXsbonavW5FZbVVU7ZcW6fVPTMYScrsQHFv1t7sTPbn3GB00UvZbVmqw56nhPAfJ3dZbqXW3AntIn5mB13cv9VcUjVGflP6YMWdUQTbJ52r6tVajpTTQlQEBZcQVbCRb6sPtjbVsbV2F2soturXETv3WUEQcrZa2mJHmdEYTaZbPyyA9Tg&mediaDataID=9148826&mediaName=frame.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
65ce7233c8ba073e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0a94e5b4600000073ef6af6000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Server
nginx
Location
https://a.tribalfusion.com/i.match?p=b19&u=f4174368-c981-11eb-ae84-194044dd0506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
100
Connection
keep-alive
Content-Length
43
hmac-sha1.js
cdnx.tribalfusion.com/media/5207316/ Frame 2C92 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdnx.tribalfusion.com/media/5207316/hmac-sha1.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY5XbBBTmap2PrdPP7G4drO0HnCndEv36YV5crcTGQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPr6qRt7kVcbP2FTrodiOXq2N2HjHPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEfDXrF9TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7pM5wrX&mediaDataID=5207316&mediaName=frame.html
Protocol
HTTP/1.1
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
44192
Transfer-Encoding
chunked
P3P
CP="NOI DEVo TAIa OUR BUS"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a94e5b4000000c277bb994000000001
X-Function
301
Last-Modified
Thu, 08 Feb 2018 21:10:28 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public
CF-RAY
65ce723339f6c277-FRA
Expires
Tue, 31 Dec 2030 00:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 2C92 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY5XbBBTmap2PrdPP7G4drO0HnCndEv36YV5crcTGQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPr6qRt7kVcbP2FTrodiOXq2N2HjHPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEfDXrF9TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7pM5wrX&mediaDataID=5207316&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65ce72333db73233-FRA
cf-request-id
0a94e5b40000003233f6884000000001
v1
ads.yahoo.com/cms/ Frame 2C92 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10001105643&eid=18072662182946732675&sigv=1&esig=2~2026977ebb2b5dc8d5979cd342f9eb48888a9770
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY5XbBBTmap2PrdPP7G4drO0HnCndEv36YV5crcTGQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPr6qRt7kVcbP2FTrodiOXq2N2HjHPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEfDXrF9TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7pM5wrX&mediaDataID=5207316&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://a.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3488 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=276ff8e138bba4aa5ae5ff82&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:34 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 3488
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D28089516-6d3a-4447-b279-e92369718e38
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dfmx%26bsw_param%3D28089516-6d3a-4447-b279-e9236...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=286l9JDr1LR8sY5&expires=30&ssp=fmx&bsw_param=28089516-6d3a-4447-b279-e92369718e38
  • https://ce.lijit.com/merge?pid=26&3pid=28089516-6d3a-4447-b279-e92369718e38
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=28089516-6d3a-4447-b279-e92369718e38
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=28089516-6d3a-4447-b279-e92369718e38
date
Thu, 10 Jun 2021 00:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 3488
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=laNMGwN03LWN1DvJ87Kd&pi=sovrn&gdpr_consent=&gdpr=0
43 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=laNMGwN03LWN1DvJ87Kd&pi=sovrn&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=laNMGwN03LWN1DvJ87Kd&pi=sovrn&gdpr_consent=&gdpr=0
pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT, Thu, 10 Jun 2021 00:22:35 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 3488
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=276ff8e138bba4aa5ae5ff82&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=584457098739
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=66&3pid=584457098739
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:41 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://ce.lijit.com/merge?pid=66&3pid=584457098739
merge
ce.lijit.com/ Frame 3488
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=7UuxSOkeBCcM&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=7UuxSOkeBCcM&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=7UuxSOkeBCcM&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-xrp6v
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3488
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Mjc2ZmY4ZTEzOGJiYTRhYTVhZTVmZjgy&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Mjc2ZmY4ZTEzOGJiYTRhYTVhZTVmZjgy&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Mjc2ZmY4ZTEzOGJiYTRhYTVhZTVmZjgy&gdpr=0
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
rum
a.tribalfusion.com/cdn-cgi/ Frame 2C92 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce72321c4c175e
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY5XbBBTmap2PrdPP7G4drO0HnCndEv36YV5crcTGQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPr6qRt7kVcbP2FTrodiOXq2N2HjHPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEfDXrF9TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7pM5wrX&mediaDataID=5207316&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce72338dce175e-FRA
vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 3984 		42 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2rsJ0qdNQ5lvI_D56z1b35s4s1kzVRajiWoKDpeQh0c8oQ2kcMU3ezad-2xyJmk3ZVUQG5M9eR5aS0DmnNcoHXnbCzspG4lmPaAWHds0&sig=Cg0ArKJSzGcf0XyrgGXSEAE&id=lidar2&mcvt=1000&p=0,800,1,801&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210607&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3666153669&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623284553318&dlt=0&rpt=158&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C77F 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.tribalfusion.com
URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=8645007496&tagKey=3706711333&site=justjared1&adSpace=flexhome&center=1&env=display&size=300x250,300x600,160x600&busted=1&url=http%3A%2F%2Fwww.justjared.com%2F&f=1&p=4474354&tKey=apmneMnaJK1FZb8TtbWnArIMrMBQliPGO&a=5&adContainerId=richmedia_6&rnd=4482935
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
5df98d6a35cd7c205ae498e037904234a71c88620b39747b947a7766f762317c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"898 / 44 of 1000 / last-modified: 1623280302"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21282
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:34 GMT
truncated
/ Frame C77F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f69882d53f5ac02ebcc9cec889cb442ffd54a1253137b976c241bf272369aec0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
a.tribalfusion.com/cdn-cgi/ Frame 58AC 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722e28d94db8
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=armTw74sY40UUKV6ys4Av7R6nA3tnr1dvAntim56YR3srbTsQcVsb8SPvyWWY4UbMY5rToWaMvVqBjQEYZbQVfJPFerRW3kVsb35r6qodAn0qmp3WrEPsJF5AJZamdEyTHFeXrfi1FZbgXaeMSF3AWb32TtY1nbbqQFJnXTFs3TZba4q7YoTJI1FJ7WWFUn6fIpG3tmWbD3qnh2HAr56vGprbE0GrOYUYjvto2Jw&mediaDataID=8039566&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce72344a922b12-FRA
vary
Origin
pubads_impl_2021060301.js
securepubads.g.doubleclick.net/gpt/ Frame C77F 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 08:37:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112073
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:34 GMT
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame EAC2 		353 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:d200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
433d5c6da53723f67e11e99c8482d2dd1a5a9a2dd944a4386fcdfb83699553d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wvQbZqvM_NMynAWQvq7npCF5Qet4TlE4
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 21:51:22 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P1
etag
W/"8a630ffdbd0ea7cc3f02c2b1ba586653"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3f1a5dbb6451309426050e13abf469c6.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Thu, 10 Jun 2021 00:22:35 GMT
x-amz-cf-id
2zV1oLxBzwaVUBCfDHZhD1A8p4qoCW_kOppnkcKqxuWKSRjBgEQzwg==
activeview
pagead2.googlesyndication.com/pcs/ Frame 927E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGDIR4xGlh-pVXDIS824xlXWynVR8sCH69ViVWSib5V5JrWzvFM0NRv2eoIq1eztko8tJv1Pg64VvsHs9Csjj8zoIV75GTlJ2LxikEia4&sig=Cg0ArKJSzKyyKgR99vw1EAE&id=lidar2&mcvt=1000&p=351,436,463,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210607&bin=7&avms=nio&bs=1600,1200&mc=0.8&app=0&itpl=19&adk=1749475389&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623284553320&dlt=0&rpt=648&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C77F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstegpMEnbltJMc0ofdGUr6iP8mUoLTrpbh3_rCIjGrgQWGakOB7xwws1XzaYmG3KgypeU5GlcjbO8uiLUNm3QwUgFF3nBGTXA7ZPsgggOz2bv-Be5ff0F41-Ktyk4-N-ck_ec-GFB1eD7jLQgGn9mZ6hfS_cay1S3NR8NlBL0w-WLLmO9OZlFESNPJih4vOzGtps62wtFBeqHYhgAcAiJ9aYsYtey6eXjpNkPnEuc4-9oa4eSinLyeV5PVMFhKSzG-KHo_9D__ZNpmZDOFiBsnA7ZyWkmVxVjbZyiyS_MRr0ocV-XZKljBZ1Z0QMO2mTdrzaXeb683ejAV5SmQlqJi-6ya_Fm1Vu9hiXAlL-KpMIZ-obfYYaHF6RwdImISy&sig=Cg0ArKJSzBUEKqTLPYQeEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 10 Jun 2021 00:22:35 GMT
rum
a.tribalfusion.com/cdn-cgi/ Frame 8A2C 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce72320b57d6b5
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=ammTw72avYoTbAXUZbcWWfQoA7ImsQopHQJ3TM93ter3A7JnbMIXcn0XcvXXsbonavW5FZbVVU7ZcW6fVPTMYScrsQHFv1t7sTPbn3GB00UvZbVmqw56nhPAfJ3dZbqXW3AntIn5mB13cv9VcUjVGflP6YMWdUQTbJ52r6tVajpTTQlQEBZcQVbCRb6sPtjbVsbV2F2soturXETv3WUEQcrZa2mJHmdEYTaZbPyyA9Tg&mediaDataID=9148826&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce7234eb4d2b12-FRA
vary
Origin
instBid-3.27.1-no-userID.js
df80k0z3fi8zg.cloudfront.net/files/ 		310 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:be00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1903d716f202ad14f158840dd6e4ef52958acd379830dbda3adce9d356aa05e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nrwy7HBN2I4SzvIEPS5AQHi5g8N_8CkU
content-encoding
gzip
last-modified
Wed, 12 May 2021 20:00:54 GMT
server
AmazonS3
age
37038
etag
W/"3da0a624d5597f63294d6a2863aaa8a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dcff20cbe7f6611a8c32722d5b502d44.cloudfront.net (CloudFront)
date
Wed, 09 Jun 2021 14:05:20 GMT
x-amz-cf-pop
CDG50-P1
x-amz-cf-id
2NQQzZPtjmkCKGyJ0CxbNCMFB-YjRQW4744ZhmZeVN-ZmdRIz8GTDQ==
css
fonts.googleapis.com/ Frame EAC2 		4 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff8f564d49e32a39c6caf2dade2e669daaf3a0a608bcba426ef88eeb10d215d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 23:07:25 GMT
server
ESF
date
Thu, 10 Jun 2021 00:22:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Jun 2021 00:22:35 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame EAC2 		50 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Protocol
H2
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
http://www.justjared.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2054784078&t=pageview&_s=1&dl=http%3A%2F%2Fwww.justjared.com%2F&dp=%2F2cdf4c71-ad6c-487e-b43a-8f1af912284a&ul=en-us&de=UTF-8&dt=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=286231654&gjid=173339607&cid=2019856573.1623284551&tid=UA-123718506-11&_gid=632642634.1623284551&_r=1&_slc=1&z=161537061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.insticator.com/json/ Frame EAC2 		229 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
7bef61f69be3c640d404e119c56ba80044049b57343bd73ee855bd013c33c642

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:36 GMT
access-control-allow-credentials
true
x-database-date
Wed, 09 Jun 2021 21:14:14 GMT
content-length
229
vary
Origin
content-type
application/json
event
event.insticator.com/v1/ Frame EAC2 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_embed-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:35 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
logo-insticator-light-opt.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame EAC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:be00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LybvWmHpQaY5Dv6QaV2YBIQ2Sd9s.sSg
via
1.1 dcff20cbe7f6611a8c32722d5b502d44.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 18:52:01 GMT
server
AmazonS3
age
39748
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 09 Jun 2021 13:20:08 GMT
x-amz-cf-pop
CDG50-P1
accept-ranges
bytes
content-length
2129
x-amz-cf-id
DciAFVLn5-3BKqDZnDWDfpJ9WhkM-PaGX3-ZKnhPY111T3TQ_N9z3g==
icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame EAC2 		649 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:be00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hmsI6iaZVJVbWmWfdDEj8IUq8AjvoEjw
via
1.1 dcff20cbe7f6611a8c32722d5b502d44.cloudfront.net (CloudFront)
last-modified
Fri, 04 May 2018 18:57:56 GMT
server
AmazonS3
age
37037
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 09 Jun 2021 14:05:19 GMT
x-amz-cf-pop
CDG50-P1
accept-ranges
bytes
content-length
649
x-amz-cf-id
ZmeU1tLA2jBF99vNwsGeoexQEYIN48OQqBQSMi06FzK7sku6qi7VHA==
graphic-ooc-opt.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame EAC2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:be00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GZ0IFDbK8RIsE9458iK2I_SZ3u3QhPXn
via
1.1 dcff20cbe7f6611a8c32722d5b502d44.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 18:52:01 GMT
server
AmazonS3
age
39146
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 09 Jun 2021 13:30:10 GMT
x-amz-cf-pop
CDG50-P1
accept-ranges
bytes
content-length
4833
x-amz-cf-id
cbNLbEIH7sOryrbW9y8UiyGU4QIDP5PwLvhY4a-kukZ7dbEmT3iLIQ==
new
g2.gumgum.com/assets/ 		235 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%22780445db-dceb-4033-8860-91a57133dbdc%22%2C%22r%22%3A%223.82.11%22%2C%22t%22%3A%22jstjared%22%2C%22rf%22%3A%22%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22a%22%3A%5B%7B%22i%22%3A1%2C%22u%22%3A%22http%3A%2F%2Fcdn02.cdn.justjared.com%2Fwp-content%2Fuploads%2Fheadlines%2F2021%2F06%2Flittle-big-town-step-out-for-the-cmt-awards.jpg%22%2C%22w%22%3A300%2C%22h%22%3A300%2C%22x%22%3A324%2C%22y%22%3A594%2C%22lt%22%3A%22none%22%2C%22af%22%3Atrue%2C%22prefetch%22%3Atrue%2C%22ia%22%3A%22Little%20Big%20Town%20Hits%20the%20Red%20Carpet%20at%20CMT%20Music%20Awards%202021%22%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22http%3A%2F%2Fwww.justjared.com%22%7D&bf=9817fedb5be462d49a60039995f085b2f602fcc6&lt=1623284555340&to=-120&gdprApplies=0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.82.11%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10035
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3ba5427a680a411847777c424d62ced3acccd3444cc24cf4427ed1b55b08b36c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
server
nginx
etag
W/"08a09bf3638133b80963d515874ac4825"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
new
g2.gumgum.com/assets/ 		235 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%22780445db-dceb-4033-8860-91a57133dbdc%22%2C%22r%22%3A%223.82.11%22%2C%22t%22%3A%22jstjared%22%2C%22rf%22%3A%22%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%2C%22a%22%3A%5B%7B%22i%22%3A2%2C%22u%22%3A%22http%3A%2F%2Fcdn01.cdn.justjared.com%2Fwp-content%2Fuploads%2Fheadlines%2F2021%2F06%2Fmickey-guyton-gladys-knight-cmt-awards-red-carpet.jpg%22%2C%22w%22%3A300%2C%22h%22%3A300%2C%22x%22%3A324%2C%22y%22%3A2236%2C%22lt%22%3A%22none%22%2C%22af%22%3Afalse%2C%22prefetch%22%3Atrue%2C%22ia%22%3A%22Mickey%20Guyton%20Lights%20Up%20CMT%20Awards%202021%20Red%20Carpet%20With%20Gladys%20Knight%22%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22http%3A%2F%2Fwww.justjared.com%22%7D&bf=9817fedb5be462d49a60039995f085b2f602fcc6&lt=1623284555341&to=-120&gdprApplies=0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.82.11%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10035
Requested by
Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0deed1eabc971c7f3736e1c893fff7f5a74d77e54afce1e63265d8fe692faee0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
server
nginx
etag
W/"0619dc14c7a08daeb0e1626b382d17164"
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
p
sb.scorecardresearch.com/ 		64 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=1&c4=jstjared&c7=http%3A%2F%2Fwww.justjared.com%2F&c8=Celebrity%20Gossip%20and%20Entertainment%20News%20%7C%20Just%20Jared&c9=&cv=2.0&cj=1&ns__t=1623284555337
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-113.cdg50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:36 GMT
via
1.1 3927bf0011a2eb853e62f4b12f7ba87f.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
leW-wpBLIdm9dF1Ql_YNoJIJuakSeuQ35Ac8wIDUMReFbz-7c0mI-w==
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-123718506-11&cid=2019856573.1623284551&jid=286231654&gjid=173339607&_gid=632642634.1623284551&_u=aEDAAUABAAAAAC~&z=2023712455
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 Jun 2021 00:22:35 GMT
content-type
text/plain
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
insticator
prebid.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_3.27.1
Protocol
H2
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:42 GMT
access-control-allow-headers
content-type
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
7704357
age
0
via
1.1 varnish
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		248 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
230f68ea264e64019c582d4e9f21195606ef0e5fe2f55bda216d75d368a2851d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:37 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid
a94f4656-fe2f-4d37-8770-9d3eb397fa88
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
248
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		349 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094%3B771342&size_id=15&rp_schain=1.0,1!insticator.com,bd45a367-d5fa-4207-9aec-1acba8ec52eb,1,,,&rf=http%3A%2F%2Fwww.justjared.com%2F&tk_flint=pbjs_lite_v3.27.1&x_source.tid=5fa94e08-7414-418a-aa1e-b8b5063facc6%3B108251b0-b1ab-4e86-8e4f-a1b0c98e7457&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.8855223210573759
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1fbe70181b89fe91061faebdb0e6be654cb398642e859c006e6642b27ca24905

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
349
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
dmx.districtm.io/b/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:37 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.123:80
AN-X-Request-Uuid
7c123982-c670-467d-962f-bdb63563916a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
insticator
prebid.technoratimedia.com/openrtb/bids/ 		0
0
cygnus
htlb.casalemedia.com/ 		0
0
trinity.json
apex.go.sonobi.com/ 		543 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22234a0fe8ebb1923%22%3A%2259426f787ebe1e9e70c9%7C300x250%22%2C%22241db2bc2ad835f%22%3A%2285a034148190101f18fb%7C300x250%22%7D&ref=http%3A%2F%2Fwww.justjared.com%2F&s=7401c95f-0583-4dd2-a43d-a43d10c38f0f&pv=2895c0ef-7676-478b-b89b-d563cc394caa&vp=desktop&lib_name=prebid&lib_v=3.27.1&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
e1e18913c0bfd43458de7afbc1e1b5dad05ceb719f831c5e6b01352c1a753fe1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
376
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
insticator-d.openx.net/w/1.0/ 		173 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.justjared.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=da0a3162-10d0-46a3-af82-3c14dddc5d29%2C3e9e5da4-2900-4397-be1f-dfa47a800b96&nocache=1623284555383&schain=1.0%2C1!insticator.com%2Cbd45a367-d5fa-4207-9aec-1acba8ec52eb%2C1%2C%2C%2C&aus=300x250%7C300x250&divIds=div-insticator-ad-1%2Cdiv-insticator-ad-2&auid=540836002%2C540836002
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
b4945da99b055e70afdb05fb9a3aa304058fda95b7998a1934c35dea4171419e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.justjared.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:37 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid
56423a04-982e-4c98-a4b3-03aa3c9e031a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.justjared.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
header
hb.aralego.com/ 		0
0
header
hb.aralego.com/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
/
hb.emxdgt.com/ 		0
0
imp
g2.gumgum.com/hbid/ 		437 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18035&pi=3&schain=1.0%2C1!insticator.com%2Cbd45a367-d5fa-4207-9aec-1acba8ec52eb%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fwww.justjared.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.1%22%7D&ogu=http%3A%2F%2Fwww.justjared.com&ns=10035
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cc0cf471d51fc2e0718ac3d31ab0c1d87aef59b57a6ac44859a2e8cd393ded28

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/ 		437 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18036&pi=3&schain=1.0%2C1!insticator.com%2Cbd45a367-d5fa-4207-9aec-1acba8ec52eb%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fwww.justjared.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.1%22%7D&ogu=http%3A%2F%2Fwww.justjared.com&ns=10035
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6d0198699889967159b2072c7d455ce65720f2443d5bf5b4a95483792c75cbf8

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.justjared.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
mvo
tag.1rx.io/rmp/213651/0/ 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		138 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.justjared.com%2F&pid=Noctodig35rQd&cb=4&ws=1600x1200&v=7.66.00&t=3000&slots=%5B%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fjustjared.com_Web_300x250_1%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fjustjared.com_Web_300x250_2%22%7D%5D&cfgv=0&schain=1.0%2C1!insticator.com%2Cbd45a367-d5fa-4207-9aec-1acba8ec52eb%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-200-121.cdg50.r.cloudfront.net
Software
Server /
Resource Hash
78642e87f45f1ada5ef49b6a4b15991a30469af14dd93d4948bc6d1bf2d249bf

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:37 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
CDG50-P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
139
via
1.1 31a1ed822e5cb0d9c8c86a015f42b7bf.cloudfront.net (CloudFront)
x-amz-cf-id
JO8_d-4sNYyWbSASj7Z8lu2NwQy11OJ7hXOzzrtvc7i5kXpf9o3NYA==
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1623284555358&site_uuid=2cdf4c71-ad6c-487e-b43a-8f1af912284a&hostname=www.justjared.com&ad_unit=justjared.com_Web_300x250_1&impression_type=il&device=desktop&country_code=UNKNOWN
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6c00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:36 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
dlZ5PW-FcIIjI1ny_wYmg_vEngWFj8O2ucYEeYDnEGwiTvr1KWYTrQ==
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1623284555358&site_uuid=2cdf4c71-ad6c-487e-b43a-8f1af912284a&hostname=www.justjared.com&ad_unit=justjared.com_Web_300x250_2&impression_type=il&device=desktop&country_code=UNKNOWN
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6c00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:36 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
ngCwLyn5o0vCqRILgGagJvDUl_pD-1DhbQ0I-M00Ult4Di9jNaUl7A==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v9/ Frame EAC2 		54 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v9/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.justjared.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 08:02:36 GMT
x-content-type-options
nosniff
age
145199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55340
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:40:26 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 08:02:36 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-123718506-11&cid=2019856573.1623284551&jid=286231654&_u=aEDAAUABAAAAAC~&z=554423719
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-123718506-11&cid=2019856573.1623284551&jid=286231654&_u=aEDAAUABAAAAAC~&z=554423719
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
edge.quantserve.com/ Frame D737 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:35 GMT
Content-Encoding
gzip
Etag
"WhyxmPkT7L77qVDcrjxwGw=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Thu, 17 Jun 2021 00:22:35 GMT
logging
ie-lb.gumgum.com/assets/imp/ 		35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ie-lb.gumgum.com/assets/imp/logging?reqId=848cb236-44d7-41cb-8be7-25ce23c821ad&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.82.11%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10035
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
rules-p-00TsOkvHvnsZU.js
rules.quantcount.com/ Frame D737
Redirect Chain
  • http://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
  • https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
3 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218d:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 21:36:47 GMT
via
1.1 24e6529ea30fbe719bde2164c1fe9238.cloudfront.net (CloudFront)
age
9949
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:30:30 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
CDG50-P2
accept-ranges
bytes
x-amz-cf-id
snlmRMi1ltPCbN0mmZPbH-MnUKJLSYeRlV9m350bmWtz9AwuI3iNGg==

Redirect headers

Date
Thu, 10 Jun 2021 00:22:35 GMT
Via
1.1 f4582372b9151740be645b6db921848f.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
CDG50-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
5nkHFfp5NrIeuchlo2UmtCjiYzg_36-0P-c2P7Wmd5mte08Bua5BgQ==
ibs:dpid=483047&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F1%2F9.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=f0c200a6-600f-4ea8-afec-d51b7d80d7a2&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/7/3.gif?puid=e531f6244b4306da9a81f2b632d62d5c&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/101/6/4.gif?puid=ae96d8df-dd82-41a7-9c09-d368d40f5de2&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F5%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/441/108/5/5.gif?puid=d9b2ee22-bd4e-44cc-8d37-5bb8ea643263&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F4%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F4%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/4/6.gif?puid=0b002104-6c20-4d93-a3fa-bf91feb3dacd&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/160/3/7.gif?puid=64758246895708994823274547570088186167&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F2%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/340/2/8.gif?puid=64758246895708994823274547570088186167&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F1%2F9.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0
integrator.js
adservice.google.ch/adsid/ Frame C77F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C77F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C77F 		66 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2993960314587184&correlator=4148843554533371&output=ldjh&impl=fif&eid=31060784%2C31061040%2C31061357%2C31061004%2C31061149&vrg=2021060301&ptt=17&gdpr=0&addtl_consent=1~&sc=0&sfv=1-0-38&ecs=20210610&iu_parts=21854935662%2CJustJared_ROS_300xFlex_TF_Passback&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x600%7C336x280%7C160x600%7C300x250&eri=4&cookie=ID%3Dfb18708d144b5179%3AT%3D1623284552%3AS%3DALNI_MZsEEPtn-39LZN61dLhDS_dE-1nMw&cdm=www.justjared.com&bc=23&abxe=1&dt=1623284555499&dlt=1623284554363&idt=623&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1130&adys=1275&adks=3793563704&ucis=i5ew6mstr43y&ifi=1&ifk=224420473&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=justjared.com&loc=http%3A%2F%2Fwww.justjared.com%2F&top=www.justjared.com&vis=1&scr_x=0&scr_y=0&psz=300x1&msz=300x1&ga_vid=2019856573.1623284551&ga_sid=1623284556&ga_hid=2110308909&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0d99e1e91e57c018b5bd96d7b049f15b275dfb4edd1476098f062adfd00dc32f
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2atprmi_ECFSDCEQgddCICQw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4820968453026349056/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2atprmi_ECFSDCEQgddCICQw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4820968453026349056/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23228
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Thu, 10 Jun 2021 00:22:35 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C77F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
event
event.insticator.com/v1/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:35 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
http://www.justjared.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame 758E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss66bvv2l_1BIAyYFiUQYlvsMw2-kQzoYiOcZQTIpZ8kf3CoGFnxaTZYJQRItgTm3WNQ6X03jlL33hPIRYFIMAJ0rWN-W6FpJ873A6cC38&sig=Cg0ArKJSzC42gAIS5B34EAE&id=lidar2&mcvt=1001&p=503,980,775,1280&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210607&bin=7&avms=nio&bs=1600,1200&mc=0.92&app=0&itpl=19&adk=3019536337&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623284553320&dlt=0&rpt=1269&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
a.tribalfusion.com/cdn-cgi/ Frame DF73 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722f38dad6b5
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=atmTw7UVMT2FunmHAMYT6w4drEPsBA2AnHoteNTWJ60bn7YFBe1qiMSbrDWb3PVHJ4obYnPFbNYaZbN5EZbi2aYYmajEYbfhWWM0nmfZcpGUqmHnJ3a3e3Wet4mvZbprvEXVMYYsFTXVjupTb42rQQTrjBUAnXQTQ4PsnoPdUOYt7uVmbu4srUXrMJTm2o5mZb7R6BH4HBr0dMKmWiv5ABY3sjgVcUIWU7YmAmwed&mediaDataID=2713736&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce7239a8c72b12-FRA
vary
Origin
rum
a.tribalfusion.com/cdn-cgi/ Frame B33F 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722e28b0175e
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=aomTw7T6Mu4sY3XUrZcU66p2PrbPmjD3HrO0HnCndEv36YV5cr7UsQjVcBiP6YnUWFTWbr03rZauWTbxVEQdSTvZcScBZcPbExRH7kVcbP2FTrodiOXqXw3HMFPsrH2mUHotZaOTHQf0rMd1UF91E6mPUUCWUQ5WdMXnbjqQFrq1E3y5EUl2aURnEBAXUf6TdMQoAUZapVjmotUD2qMg3WmN3AvGprv7Xrr7tqmH7N&mediaDataID=5436426&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce723a697e2b12-FRA
vary
Origin
container.html
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DDEA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 10 Jun 2021 00:22:35 GMT
expires
Fri, 10 Jun 2022 00:22:35 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame C77F 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066164336645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28149
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C77F 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86dac89d5c5493cd385a462d6f46bda95fe9173e2e00d3b1218de845a6671979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7861
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C77F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:36 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		115 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85a703d2d88ceb5a803c601ad8e596579f6864ef5dfc526f196db0f0c5a3b239
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/4820968453026349056/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 08 Jun 2021 18:19:55 GMT
expires
Wed, 08 Jun 2022 18:19:55 GMT
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
25668
age
108161
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame DDEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEetJS1vBYM3IIaCEx_AP9MSImAT52-OWY6XAp4ekDeSsva-xHBABIPGD13pg9ZXOgeAEoAHp9Iu_A8gBCakC64f2hb9utD7gAgCoAwHIAwKqBM0BT9DLqpt0wL1afE3fSOewvZFqVOtMPVwZshTMN-zsLcXgNxu_Rk1JhoNA_1BW8HcXNmF5iwI4W8BAmI1t3EP_tI8J49Ybu0maezENwxXvMa5xXSjjI-nmed2zdmQzT6uvaE11OLBAs-nFRP27POCCAaTXqgaug68DW8BV_FarfGaeOx0MBuY3ZF0auQKNnIhqd5v1_CelRpaFZUOEMajPEsN-8-LfRxzYM9n5cYanwHQo7n20wD2a8zEWY60h3m-dur4kxglmSpb4OiZ2EMAEhZf4-JoD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB8Wlg0KoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQtZUK0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tMjU2MTE4ODY4ODE2MzEyN4AKA8gLAdgTDYgUAtAVAYAXAbIXGgoYCAASFHB1Yi0xNDkzNzk5NjM4NjU2MDE3&sigh=ta-T7md65OE
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1FD9 		143 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk4kEGu2OYu93Z5ONX81IRXI5F4LFxAu_XJxc3kdx-iXvVo-qS36NwlGQzj5ws
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 09 Jun 2021 23:45:08 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2248
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame DDEA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:02:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDEA 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:36 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame DDEA 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:19:07 GMT
rum
a.tribalfusion.com/cdn-cgi/ Frame FD4F 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce722e2e5b4a56
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=apmTw7oTbD1rZb9UdJSnAQIpGUupt7C3Tr73dAy5A7ZbprMLXVnQXs3V1GFOpab33bFUTUvEWPnTPajSQsUrStjN1HfqVmYn3GBWYbZbZaVmXq2PUeQP7G2Wvm1dBLpdAo5mU05cjeVs3aUc78SmQOWWYRWrj22retVaQsWEJbSTYFSGQJRrZavSdjdVVYR5b6oodIo0aav2WYFPsFH4PJHmdXyVWZbZcXVrUt12ZatH&mediaDataID=6807466&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce723b2a972b12-FRA
vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 5905 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 10 Jun 2021 00:01:26 GMT
expires
Fri, 10 Jun 2022 00:01:26 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1270
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7540 		783 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8350f4c9ccb46bc9d58bf293fbba224ad4da056c1b6cdc13b9128b8558658e5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FuhXQn1/qHXhiuuHs3s0ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

expires
Thu, 10 Jun 2021 00:22:36 GMT
date
Thu, 10 Jun 2021 00:22:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-FuhXQn1/qHXhiuuHs3s0ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 65C8 		6 KB
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:regular,700,600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae62dd075f4359b389158ec0ce732971da832938b5d630a24eb2e89111b00e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 22:28:57 GMT
server
ESF
date
Thu, 10 Jun 2021 00:22:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Jun 2021 00:22:36 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 65C8 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 11:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 10 Jun 2021 11:33:58 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 65C8 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 22:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 10 Jun 2021 22:25:59 GMT
truncated
/ Frame DDEA 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
350c605abf46fc8368cc3ad01f4059f624cffe7e6cc0aa30387016d3505c4724

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 65C8 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:regular,700,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 14:30:13 GMT
x-content-type-options
nosniff
age
121943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 14:30:13 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 65C8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:regular,700,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:14:41 GMT
x-content-type-options
nosniff
age
115675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 16:14:41 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 65C8 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:regular,700,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 10:59:58 GMT
x-content-type-options
nosniff
age
134558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 10:59:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1FD9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk4kEGu2OYu93Z5ONX81IRXI5F4LFxAu_XJxc3kdx-iXvVo-qS36NwlGQzj5ws
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 10 Jun 2021 00:22:36 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 10-Jun-2021 01:22:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Jun 2021 00:22:36 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 10 Jun 2021 00:22:36 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 5905 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 00:21:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
86485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jun 2022 00:21:11 GMT
logo-ovh-cloud-white_-_Kopie_-_Kopie.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/logo-ovh-cloud-white_-_Kopie_-_Kopie.svg
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7874b862d1faf089608da188395aac2437dfa955dbe02539d1946f8452eb75f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
92927
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1104
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 22:33:49 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 22:33:49 GMT
eco_award_Winner_20_white.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/eco_award_Winner_20_white.gif
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c53acfba50e5a03627e8be676e2eeffae2acc298353cbb0dc4d0c32317344b1c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
113229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8781
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 16:55:27 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 16:55:27 GMT
canada.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/canada.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
758620a47e0b78dafa9f84bf31bf7b5286d3ec308898ef9a84210e200e155156
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
119030
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 15:18:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 15:18:46 GMT
poland.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/poland.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0db99d9da0149da51b9b345ca059f998277fa95e8071b4a24b559926ce7b798
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
98944
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1560
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 20:53:32 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 20:53:32 GMT
uk.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/uk.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf691a260498d64f5fde0f039dab98349d396b6894cac32e22069bc2e7271e84
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
103342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4634
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 19:40:14 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 19:40:14 GMT
france.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/france.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c80738b8c5bfd2b41093e978f4b094ee8d0d7441685ad2c44b69645dcf387a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
102554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1770
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 19:53:22 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 19:53:22 GMT
germany.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/germany.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4557926a05164a4923ff16ce8cc7b2641f8759d34c965860e5264f81d485ee37
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
109101
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1569
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 18:04:15 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 18:04:15 GMT
SD-Advance_ads.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/SD-Advance_ads.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df2740a669815549f8340f3819359ff7dd7407d6b440bb5f915bb684707059c4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
84473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72451
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Wed, 09 Jun 2021 00:54:43 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 00:54:43 GMT
Intel_Xeon_2020_logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/Intel_Xeon_2020_logo.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2cb250bec4215626d326c2dde6c1fe55317ff119df311b5b9a43ca96f1cab8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
125237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15203
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 13:35:19 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 13:35:19 GMT
truncated
/ Frame 65C8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Intel_Xeon_2020_logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/Intel_Xeon_2020_logo.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2cb250bec4215626d326c2dde6c1fe55317ff119df311b5b9a43ca96f1cab8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
125237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15203
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 13:35:19 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 13:35:19 GMT
SD-Advance_ads.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/SD-Advance_ads.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df2740a669815549f8340f3819359ff7dd7407d6b440bb5f915bb684707059c4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
84473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72451
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Wed, 09 Jun 2021 00:54:43 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 00:54:43 GMT
germany.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/germany.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4557926a05164a4923ff16ce8cc7b2641f8759d34c965860e5264f81d485ee37
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
109101
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1569
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 18:04:15 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 18:04:15 GMT
france.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/france.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c80738b8c5bfd2b41093e978f4b094ee8d0d7441685ad2c44b69645dcf387a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
102554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1770
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 19:53:22 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 19:53:22 GMT
uk.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/uk.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf691a260498d64f5fde0f039dab98349d396b6894cac32e22069bc2e7271e84
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
103342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4634
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 19:40:14 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 19:40:14 GMT
poland.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/poland.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0db99d9da0149da51b9b345ca059f998277fa95e8071b4a24b559926ce7b798
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
98944
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1560
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 20:53:32 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 20:53:32 GMT
canada.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/canada.png
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
758620a47e0b78dafa9f84bf31bf7b5286d3ec308898ef9a84210e200e155156
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
119030
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 15:18:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 15:18:46 GMT
eco_award_Winner_20_white.gif
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/eco_award_Winner_20_white.gif
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c53acfba50e5a03627e8be676e2eeffae2acc298353cbb0dc4d0c32317344b1c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
113229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8781
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 16:55:27 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 16:55:27 GMT
logo-ovh-cloud-white_-_Kopie_-_Kopie.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/ Frame 65C8 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4820968453026349056/logo-ovh-cloud-white_-_Kopie_-_Kopie.svg
Requested by
Host: aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
URL: https://aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7874b862d1faf089608da188395aac2437dfa955dbe02539d1946f8452eb75f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
92927
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1104
x-xss-protection
0
last-modified
Thu, 18 Feb 2021 15:56:11 GMT
server
sffe
date
Tue, 08 Jun 2021 22:33:49 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 22:33:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C77F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060301&jk=2993960314587184&bg=!dXaldjLNAAY6sG-_OrA7ACkAdvg8WpzVaA5pCH2xXgL4G9GpGX0Rrdnqy0iMO43RQPBMmPm9AqbHvQIAAACNUgAAAAxoAQcKAEm7vRvAI9xbs7tqChevR2tEsIXj7f0hBto4EzAM7ABmIcRSzsyitLScXM_jXyMwyL8GFofnBbBUvliBt0uP4l-QMKLpCkm4H114mQKDtVN6-AfomEBlo_EWbVppv3YPn0NqnhyHjSpj8sj-FEgHIOzTCG9S4VbY0HkHcK1GjtZdBmB-Tf9iMmc9Nd2xC5ELkMFu2Zi0zQyNY5uSlh6I8owv2jF2hidJF3VaJDI2cWq4goJs0jCAtBmgCe9ZpFa4HnKJdllibt_O27CVNRZgQ-F64mCXlLaIBwDryKG3tmd6qwt9Mx-Kirev7a5-0AKmJoX8PXsQTJy6mlLhLM7Aw7gXctCR6gf_8rnN2cGeprSis5RZ121p3JsHt-cxWf5IIZoRZaXoRD-ScvMFe2o0vg8aW0OBtFOJYFNZ0fvDGzsPpPUu9GlSE12rbQDAW-j8ebXSuhuEtIsMoCgy5nJlHU0zFj7zBwABonB9p3phjzTfwHnqKH-1EG-ErNwPA0fAIxYo-qgQ0XZcpE67j3UBUNr0fTLNg2xPWSqpflroq4C0jqztSuqIdzKIofWtnibWz-7vn3FwlJgPBNl7MM2aGp0v0tXapWc7khmcRDC5XbBB14qjeon7dy37lnGLth6VFDX6HY-wrxdO0IK0wkLYesUaE6_DCLXzd68uAD7kv7633er8pCcmt9yBk74iwNY1WthEQtoxmqj5Am5U8s2acDI1hzo-Yl4TVyu7KJkxmcnLvWFBjLY94DCsTM9Y0ntAOgq9hTZPoShbUhzNwr8lSeYBh8sZ4_idN43y1aIA2QhJSNpU0Y8tZ4VRZIKf1X7WTsEwgH8avG4Kz87yLuvsbDPoN41DeD5_3ClpMNVB1krLvBfGCXht2UrTJuPdeCXZOzO9JTZLuMiYADW13jhGZxUvp2pY8j__v0iXGvRbt6Id2m8aXk-GImhXKQomlqvQoA
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usertracking
b2c.insticator.com/v3/pages/ Frame B5A0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
userId=9d96c76c-59ca-226e-f5ca-b965c6bb9729
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:36 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
49b36b9c-1d64-4b4e-b481-f90f730be2a9
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
rum
a.tribalfusion.com/cdn-cgi/ Frame 52FD 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://a.tribalfusion.com/cdn-cgi/rum?req_id=65ce72320bc44a56
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://a.tribalfusion.com/p.media?clickID=anmTw7Rr6oPHvcWGQV5b2oodAyYTyy3W3ZdQVFZc4mQZamdApTHJdXFnkXUbjXTeNRrJEWFJYVdYWmUYvPFjs1EMt5aFe4av2oEMKXFUcWHJVoAnBmsMqpWQA2qZbg5tiN5PjFnbbG0VMS1cYV1cjypabQ5UUPWUFBVP31QTb1ScUMQdUNYtZbuWAUv4cn0YrZbKVmPt2AB8PPBA3dMq0tBApd2o363y5FnQpmFBjU&mediaDataID=6719746&mediaName=frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 10 Jun 2021 00:22:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://a.tribalfusion.com
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
65ce723f5f492b12-FRA
vary
Origin
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2804 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PugT=1623284556; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39894
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:36 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE47 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PugT=1623284556; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39894
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:36 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame DCB1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PugT=1623284556; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39894
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:36 GMT
vary
Accept-Encoding
headerstats
as-sec.casalemedia.com/ 		0
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=427822&u=http%3A%2F%2Fwww.justjared.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: http://js-sec.indexww.com/ht/p/191040-27970744739601.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:37 GMT
X-AK-INITIAL-GEO
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
Server
Apache
Access-Control-Allow-Origin
http://www.justjared.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
12
Expires
Thu, 10 Jun 2021 00:22:37 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2804 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49429567&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
75f82aafde938180a887ba3ae050a79bafc336f879cde0c3a228bef1acea5c89

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:34 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
9d96c76c-59ca-226e-f5ca-b965c6bb9729
b2c.insticator.com/v1/users/points/ Frame EAC2 		12 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v1/users/points/9d96c76c-59ca-226e-f5ca-b965c6bb9729
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
81017b77e6b32a8df8203193353169a8871b371dde24cc129fc797af8c3488fc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:36 GMT
access-control-allow-credentials
true
content-length
12
vary
Origin
content-type
application/json
contents
cms.insticator.com/v3/ Frame EAC2 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.insticator.com/v3/contents?embed_uuid=0eb717a5-edb3-4ba3-8a50-e9f78184d544&cookie_id=9d96c76c-59ca-226e-f5ca-b965c6bb9729&content_order=ORDERED&for_embed=true&content_count=20
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c074313895686b0de0ea14df05b7bacfccfe00121314213853bf9ddfadb66e85

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:36 GMT
access-control-allow-credentials
true
content-length
18634
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame EAC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:be00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LybvWmHpQaY5Dv6QaV2YBIQ2Sd9s.sSg
via
1.1 dcff20cbe7f6611a8c32722d5b502d44.cloudfront.net (CloudFront)
last-modified
Fri, 23 Oct 2020 18:52:01 GMT
server
AmazonS3
age
39749
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 09 Jun 2021 13:20:08 GMT
x-amz-cf-pop
CDG50-P1
accept-ranges
bytes
content-length
2129
x-amz-cf-id
nwAM3DdaJOaLTpEPuCGleuZEC2kehXqGieEol6IiCpk7ZNMUgW4Otg==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v9/ Frame EAC2 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v9/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.justjared.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 08:02:36 GMT
x-content-type-options
nosniff
age
145200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55340
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:40:26 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 08:02:36 GMT
match
c1.adform.net/serving/cookie/ Frame 6353
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=871952570536581476
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:46 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=871952570536581476; expires=Mon, 09 Aug 2021 00:22:46 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 10 Jun 2021 00:22:46 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=243001C2-55CB-49FA-8475-D0132988CDB5
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sat, 10 Jul 2021 00:22:46 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame F34B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; SPugT=1623284570; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; PugT=1623284570; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-3987235876482715318; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:49 GMT; path=/ PugT=1623284569; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:49 GMT; path=/
x-lat
amspug009:0:381
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 3F67 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 10 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1289
x-powered-by
ASP.NET
date
Thu, 10 Jun 2021 00:22:52 GMT
content-length
43
usersync
rtb.gumgum.com/ Frame 38C3 		35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=243001C2-55CB-49FA-8475-D0132988CDB5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=243001C2-55CB-49FA-8475-D0132988CDB5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 10 Jun 2021 00:22:36 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2804
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JDABwlXLSfqEddATKYjNtQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:37 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40867
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Thu, 10 Jun 2021 11:43:44 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2804
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:36 GMT
mw
mwzeom.zeotap.com/ Frame 2804
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=243001C2-55CB-49FA-8475-D0132988CDB5
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=d2513907-50a7-4b1a-a831-996b2a9a1e2d&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=7f88407e40da51b1
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=bc81cbd3-8650-4506-5257-d867b78f0833&reqId=df53c4e7-0b76-4aac-4e49-fe5feeaa48db&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECMENMpKIWhqbPkG_5hgx9A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=bc81cbd3-8650-4506-5257-d867b78f0833&reqId=df53c4e7-0b76-4aac-4e49-fe5...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESECMENMpKIWhqbPkG_5hgx9A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=bc81cbd3-8650-4506-5257-d867b78f0833&reqId=df53c4e7-0b76-4aac-4e49-fe5feeaa48db&zcluid=7f88407e40da51b1&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65ce72569fbec28b-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a94e5ca210000c28b86a93000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESECMENMpKIWhqbPkG_5hgx9A&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=bc81cbd3-8650-4506-5257-d867b78f0833&reqId=df53c4e7-0b76-4aac-4e49-fe5feeaa48db&zcluid=7f88407e40da51b1&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2804
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjQzMDAxQzItNTVDQi00OUZBLTg0NzUtRDAxMzI5ODhDREI1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2804
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYemLSCDKQv2Hg48g-Ga3w&google_cver=1
42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYemLSCDKQv2Hg48g-Ga3w&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:390
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIYemLSCDKQv2Hg48g-Ga3w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2804 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 09 Jun 2021 00:22:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2804
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
42 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:2158
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2804
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=871952570536581476
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=871952570536581476
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:401
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=871952570536581476
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2804
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d2513907-50a7-4b1a-a831-996b2a9a1e2d
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d2513907-50a7-4b1a-a831-996b2a9a1e2d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:298
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d2513907-50a7-4b1a-a831-996b2a9a1e2d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 2804
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7761284304466057866&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7761284304466057866&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:416
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:37 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid
2398dbd5-2131-4507-a227-fa2c6c7f2350
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7761284304466057866&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
243001C2-55CB-49FA-8475-D0132988CDB5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2804 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/243001C2-55CB-49FA-8475-D0132988CDB5?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D283 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41711
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Thu, 10 Jun 2021 11:57:47 GMT
v2gks1md9V0ikLPvP1Sn_pjuj0G94iTowaWDYR1MADkAwgGIs4CTxw0qJN6Jqi2f_98dFJ-mDoDDUp8gQ
sulkycook.com/ 		216 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sulkycook.com/v2gks1md9V0ikLPvP1Sn_pjuj0G94iTowaWDYR1MADkAwgGIs4CTxw0qJN6Jqi2f_98dFJ-mDoDDUp8gQ
Requested by
Host: sulkycook.com
URL: https://sulkycook.com/v2xvlFGSxXgH04nKGo3OP9MGpH4ZVEULG9eLw54klbAbVNIIJqQ8w1ZVy_0xydXGI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
694c48e9addf53abacbe9e561c7e64063f9359b72246032672aa4317ac9b3e50
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 10 Jun 2021 00:22:37 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
f8becdc5
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Thu, 10 Jun 2021 00:22:36 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D283
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPQ5PKTL-V-4HSC&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPQ5PKTL-V-4HSC&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KPQ5PKTL-V-4HSC&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Protocol
H2
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Jun 2021 00:22:37 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
http://www.justjared.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
event
event.insticator.com/v1/ Frame EAC2 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_question-loaded
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.185.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.justjared.com
date
Thu, 10 Jun 2021 00:22:37 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
200.gif
media1.giphy.com/media/kZosktkABtPN3Evx9S/ Frame EAC2 		663 KB
664 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1.giphy.com/media/kZosktkABtPN3Evx9S/200.gif
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.82.2 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d3c2e1f4da61db466093443965de518af2a14b288fa9b018623045a8d5cc254
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:37 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
content-length
679255
x-served-by
cache-bwi5171-BWI, cache-mrs10554-MRS
last-modified
Mon, 09 Sep 2019 17:11:52 GMT
x-timer
S1623284558.504041,VS0,VE89
etag
"1c692238bf2da924e6caca80a8a64b3e"
strict-transport-security
max-age=86400
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1, 0
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v9/ Frame EAC2 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v9/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.justjared.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 08:02:36 GMT
x-content-type-options
nosniff
age
145201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55340
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:40:26 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 08:02:36 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame EAC2 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Origin
http://www.justjared.com
Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:37 GMT
last-modified
Fri, 02 Nov 2018 15:17:39 GMT
server
NetDNA-cache/2.2
etag
"fb493903265cad425ccdf8e04fc2de61"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
73852
pixel
cm.g.doubleclick.net/ Frame D283
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiYTcyMmI3ZGNmZmJhYTgzZDVhNjU0Y2E0NzgyZTVjMGI1MWE1Nw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiYTcyMmI3ZGNmZmJhYTgzZDVhNjU0Y2E0NzgyZTVjMGI1MWE1Nw&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODhiYTcyMmI3ZGNmZmJhYTgzZDVhNjU0Y2E0NzgyZTVjMGI1MWE1Nw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame D283 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame D283
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/6axVIxVdwzQXCzRg553vow?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3480645534301063835
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3480645534301063835
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Thu, 10 Jun 2021 00:22:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3480645534301063835
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D283
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=b72660c1-5b48-4d00-bd58-4280b2d3c0b0&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:36 GMT
tap.php
pixel.rubiconproject.com/ Frame D283
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBvtNLj2TdZpBHqJS8qHSYs&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBvtNLj2TdZpBHqJS8qHSYs&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBvtNLj2TdZpBHqJS8qHSYs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame D283
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPQ5PKTL-V-4HSC&sigv=1&esig=2~0f6014245fdab29106e168621d969a8ae7438d04&gdpr=0
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPQ5PKTL-V-4HSC&sigv=1&esig=2~0f6014245fdab29106e168621d969a8ae7438d04&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPQ5PKTL-V-4HSC&sigv=1&esig=2~0f6014245fdab29106e168621d969a8ae7438d04&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D283
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMFbSAABq73bxAA4&gdpr=0
42 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMFbSAABq73bxAA4&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623284567.629327,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMFbSAABq73bxAA4&gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D283
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BRNVBLVEwtVi00SFND&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BRNVBLVEwtVi00SFND&gdpr=0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_n-index_pm-db5_rbd_n-emx_n-acuityads_cnv_n-amobee_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BRNVBLVEwtVi00SFND&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v2qgcQESK8boFaFkjWeLY7mUmS1VhO7kzu3IQzzKVEMXzmp0X_02FJLzsUVPZgpJ2BzxBvyzUeFPR6l9r
sulkycook.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sulkycook.com/v2qgcQESK8boFaFkjWeLY7mUmS1VhO7kzu3IQzzKVEMXzmp0X_02FJLzsUVPZgpJ2BzxBvyzUeFPR6l9r
Requested by
Host: sulkycook.com
URL: https://sulkycook.com/v2xvlFGSxXgH04nKGo3OP9MGpH4ZVEULG9eLw54klbAbVNIIJqQ8w1ZVy_0xydXGI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 10 Jun 2021 00:22:37 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
x-hostname
f8becdc5
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.justjared.com%2F&domain=www.justjared.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
http://www.justjared.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1738
date
Thu, 10 Jun 2021 00:22:37 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fwww.justjared.com%2F&domain=www.justjared.com&cw=1
  • https://mug.criteo.com/sid?cpp=Fbqv4Hw5TTVvTEQvTGJsMThSaGs0WUl3L2lnT1FoTTlBZ0xUczNRV0xlRmtGNWQxZ1htNnZrY0FGOGVqUjNqQklpd2VPbUsxRlVxTmtlRzRhU0FMUkZveWI1S2hNQ0x4c1lCemc5Tms5b0NPYjZGcEUvNTlWR01QQVBXZE...
347 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Fbqv4Hw5TTVvTEQvTGJsMThSaGs0WUl3L2lnT1FoTTlBZ0xUczNRV0xlRmtGNWQxZ1htNnZrY0FGOGVqUjNqQklpd2VPbUsxRlVxTmtlRzRhU0FMUkZveWI1S2hNQ0x4c1lCemc5Tms5b0NPYjZGcEUvNTlWR01QQVBXZEFDcERNZTJKR2p2ZTFxa1lSbzhSR2xUQXczWnVzZ1N0Zy9Vc2QyTjRqQ21YbHR4Mkt1cUUwRXV0R3hZbDA5S0JjZ2dlNG1ETk9GYURKc3VEOXcxZlFMQWhJSWVSdmhXU0ZhdVZLekFNQ3hYV2tsNk1kVW5JPXw&cppv=2
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
69f4c93036ca13519885c8379e55a9e80c06380a8425a5e0e709aa07febf85bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 10 Jun 2021 00:22:39 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2082
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Jun 2021 00:22:37 GMT
location
https://mug.criteo.com/sid?cpp=Fbqv4Hw5TTVvTEQvTGJsMThSaGs0WUl3L2lnT1FoTTlBZ0xUczNRV0xlRmtGNWQxZ1htNnZrY0FGOGVqUjNqQklpd2VPbUsxRlVxTmtlRzRhU0FMUkZveWI1S2hNQ0x4c1lCemc5Tms5b0NPYjZGcEUvNTlWR01QQVBXZEFDcERNZTJKR2p2ZTFxa1lSbzhSR2xUQXczWnVzZ1N0Zy9Vc2QyTjRqQ21YbHR4Mkt1cUUwRXV0R3hZbDA5S0JjZ2dlNG1ETk9GYURKc3VEOXcxZlFMQWhJSWVSdmhXU0ZhdVZLekFNQ3hYV2tsNk1kVW5JPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1411
content-length
482
expires
0
insync
thrtle.com/
Redirect Chain
  • https://px.britepool.com/new?partner_id=t
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=c65c9366-1668-4843-9797-e12d4835b04b
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=c65c9366-1668-4843-9797-e12d4835b04b
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.4.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Thu, 10 Jun 2021 00:22:38 GMT
Server
nginx
Vary
negotiate,Accept-Encoding
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=c65c9366-1668-4843-9797-e12d4835b04b
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
X-Request-Id
51ab4981259a48a86dcb12349c7c72ef
Expires
Sat, 26 Jul 1997 05:00:00 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c8c9ad7a54751bea6faa267ae3edf7bdaab82b822fe8fc76fb3c381ace9974b

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:40 GMT
Content-Encoding
gzip
Age
3279
X-Cache
HIT
Connection
keep-alive
Content-Length
15999
x-amz-id-2
kaKPtwo68jivq2+mpbkldP3hqTPuAiTw1rVr1sXMoqIXuxRJSO3nChMKDKYO9I1vg1tRGWFkqFQ=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Wed, 09 Jun 2021 23:04:25 GMT
Server
AmazonS3
X-Timer
S1623284561.722499,VS0,VE0
ETag
"e18ea23c732cd07e6808aa44aa905aa4"
x-amz-request-id
0CT2XE3VXJAXPTGT
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
248
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Fbqv4Hw5TTVvTEQvTGJsMThSaGs0WUl3L2lnT1FoTTlBZ0xUczNRV0xlRmtGNWQxZ1htNnZrY0FGOGVqUjNqQklpd2VPbUsxRlVxTmtlRzRhU0FMUkZveWI1S2hNQ0x4c1lCemc5Tms5b0NPYjZGcEUvNTlWR01QQVBXZEFDcERNZTJKR2p2ZTFxa1lSbzhSR2xUQXczWnVzZ1N0Zy9Vc2QyTjRqQ21YbHR4Mkt1cUUwRXV0R3hZbDA5S0JjZ2dlNG1ETk9GYURKc3VEOXcxZlFMQWhJSWVSdmhXU0ZhdVZLekFNQ3hYV2tsNk1kVW5JPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1057
date
Thu, 10 Jun 2021 00:22:39 GMT
content-encoding
gzip
vary
Accept-Encoding
gpt.js
www.googletagservices.com/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5722702001788ee03a5638c5af46828d25917c12659977dd752ae46befd56ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"898 / 402 of 1000 / last-modified: 1623280302"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21290
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:38 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
16600b031f7e2e59efe4b96a23e07fb4a56b411833e73070c1c8b60bc7116cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 23:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5871
x-xss-protection
0
server
cafe
etag
12272712123306252075
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Jun 2021 00:29:03 GMT
363.json
id5-sync.com/g/v2/ 		213 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/363.json
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.8 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
62323efc5a606c1754f2900e0a5aca1a51d58b0366f6760808e04b1eacdf32fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://www.justjared.com
Date
Thu, 10 Jun 2021 00:21:26 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1260
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Jun 2021 00:22:38 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
http://www.justjared.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		108 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=qvrl0w8&fmt=json
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
26a397eb44ac1cf1e0edb58e2b5f9aff7d27cb8422f00e2898c54712d2eff6e2

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Jun 2021 00:22:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 10 Jul 2021 00:22:38 GMT
sync
eb2.3lift.com/ Frame EEF2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9fcb974930a8b0db6460f66d3ebdb7d96ccd107680d83323057acf8d71011fc0

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=11905015314952651458
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQre2ymp8vCgoIkQIQre2ymp8vCgoI4gEQre2ymp8vCgoIkgIQre2ymp8vCgoI5gEQre2ymp8vCgoIhwIQre2ymp8vCgkIOhCt7bKany8KCQgLEK3tspqfLwoJCF8Qre2ymp8vCgkIHxCt7bKany8=; Max-Age=7776000; Expires=Wed, 08 Sep 2021 00:22:41 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=11905015314952651458; Max-Age=7776000; Expires=Wed, 08 Sep 2021 00:22:41 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1CAD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7761284304466057866
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 11 Jun 2021 00:22:41 GMT
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AFAC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7761284304466057866
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 11 Jun 2021 00:22:41 GMT
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 204E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tlCBRUZWfOQpzq4eRUmvkSc3ya9WQi+HKKRWt2jyoYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexgivGKrYKdBNKOTT8+Kbwv/ANSf; ses15=; ses10=; vis10=293666^1; khaos=KPQ5PKTL-V-4HSC; uids=eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnRiaG91c2UiOnsidWlkIjoibGFOTUd3TjAzTFdOMUR2Sjg3S2QiLCJleHBpcmVzIjoiMjAyMS0wNi0yNFQwMDoyMjozMi41NTZaIn0sInJ1Ymljb24iOnsidWlkIjoiS1BRNVBLVEwtVi00SFNDIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjRUMDA6MjI6MzIuNDE1WiJ9LCJndW1ndW0iOnsidWlkIjoiZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTEiLCJleHBpcmVzIjoiMjAyMS0wNi0yNFQwMDoyMjozMi43MTRaIn19LCJiZGF5IjoiMjAyMS0wNi0xMFQwMDoyMjozMi40MTVaIn0=; vis15=153530^1&293666^1; pux=1512%3D100273%262249%3D100273%262974%3D100273%263778%3D100273%262249-DV360-Hosted%3D100273%26idl%3D100273%26brx%3D100273%26goog%3D100273%26; audit=1|naVuGyos1qojheJiu7KYlXp4/TMPY9XwzMb5byHS7FYCNhXkkZ+je92KjpcTyb52dalcOrJi9dpo2B05UvZjL2UmrsSRQiLTsqlSNZOaaDQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Jun 2021 00:22:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 5015 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame E224 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KCCH=YES; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624492800%3A71_21_161_7_56_54_3_220_13%7C1624579200%3A35; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; PugT=1623284557
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39892
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:38 GMT
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 4FD5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9fcb974930a8b0db6460f66d3ebdb7d96ccd107680d83323057acf8d71011fc0

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=11905015314952651458
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQru2ymp8vCgoIkQIQru2ymp8vCgoI4gEQru2ymp8vCgoIkgIQru2ymp8vCgoI5gEQru2ymp8vCgoIhwIQru2ymp8vCgkIOhCu7bKany8KCQgLEK7tspqfLwoJCF8Qru2ymp8vCgkIHxCu7bKany8=; Max-Age=7776000; Expires=Wed, 08 Sep 2021 00:22:41 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=11905015314952651458; Max-Age=7776000; Expires=Wed, 08 Sep 2021 00:22:41 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8559 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7761284304466057866
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 11 Jun 2021 00:22:41 GMT
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame D9C6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9fcb974930a8b0db6460f66d3ebdb7d96ccd107680d83323057acf8d71011fc0

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=11905015314952651458
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQru2ymp8vCgoIkQIQru2ymp8vCgoI4gEQru2ymp8vCgoIkgIQru2ymp8vCgoI5gEQru2ymp8vCgoIhwIQru2ymp8vCgkIOhCu7bKany8KCQgLEK7tspqfLwoJCF8Qru2ymp8vCgkIHxCu7bKany8=; Max-Age=7776000; Expires=Wed, 08 Sep 2021 00:22:41 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=11905015314952651458; Max-Age=7776000; Expires=Wed, 08 Sep 2021 00:22:41 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
ixmatch.html
js-sec.indexww.com/um/ Frame 1DB1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5961 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KCCH=YES; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624492800%3A71_21_161_7_56_54_3_220_13%7C1624579200%3A35; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; PugT=1623284557
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39892
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:38 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 91D3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 64BC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KCCH=YES; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624492800%3A71_21_161_7_56_54_3_220_13%7C1624579200%3A35; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; PugT=1623284557
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39892
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:38 GMT
vary
Accept-Encoding
/
ssp-nj.webtradehub.com/ 		0
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.justjared.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&apppkg=&fv=3&proto=http
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.237.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-237-179.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Jun 2021 00:22:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.js
eus.rubiconproject.com/ Frame 204E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41709
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Thu, 10 Jun 2021 11:57:47 GMT
integrator.js
adservice.google.ch/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.justjared.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 00:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=170702717969275&correlator=1721875291809883&output=ldjh&impl=fifs&vrg=2021060301&ptt=17&gdpr=0&addtl_consent=1~&sc=0&sfv=1-0-38&ecs=20210610&iu_parts=27794161%2Cjustjared.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=h%3D0%26shb%3D1%26tg%3D1%26amznbid%3D2%26amznp%3D2%26p%3DBTF%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=skin_width%3Dyes%26width%3D1600&cookie=ID%3Dfb18708d144b5179%3AT%3D1623284552%3AS%3DALNI_MZsEEPtn-39LZN61dLhDS_dE-1nMw&bc=23&abxe=1&lmt=1623284318&dt=1623284558886&dlt=1623284550544&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=464&adys=1802&adks=564978008&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=610x645&msz=305x295&ga_vid=2019856573.1623284551&ga_sid=1623284553&ga_hid=2054784078&ga_fc=false&fws=0&ohw=0&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c3c283103a0bb705ab9790249be705c40c8337daf1f0537d5b3cb5fddfb548ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6208
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=170702717969275&correlator=1319477334806121&output=ldjh&impl=fifs&vrg=2021060301&ptt=17&gdpr=0&addtl_consent=1~&sc=0&sfv=1-0-38&ecs=20210610&iu_parts=27794161%2Cjustjared.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=h%3D0%26shb%3D1%26tg%3D1%26amznbid%3D2%26amznp%3D2%26p%3DBTF%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=skin_width%3Dyes%26width%3D1600&cookie=ID%3Dfb18708d144b5179%3AT%3D1623284552%3AS%3DALNI_MZsEEPtn-39LZN61dLhDS_dE-1nMw&bc=23&abxe=1&lmt=1623284318&dt=1623284558890&dlt=1623284550544&idt=500&frm=20&biw=1600&bih=1200&oid=3&adxs=624&adys=1802&adks=1792955468&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.justjared.com%2F&vis=1&scr_x=0&scr_y=0&psz=610x645&msz=305x295&ga_vid=2019856573.1623284551&ga_sid=1623284553&ga_hid=2054784078&ga_fc=false&fws=0&ohw=0&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
bba375f7380feb84fd63bf9271069dd9eb884dd28cea5f1be7190707d879e156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5894
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2804 		0
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Thu, 10 Jun 2021 00:22:37 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8
container.html
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F63D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 10 Jun 2021 00:22:32 GMT
expires
Fri, 10 Jun 2022 00:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
7
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame F63D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CikRhTlvBYJPiOMfXgQfBjJ2oAc_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTkAU_Q2azdlhjSXJ7J_BcRr3YETUtZKsxojz7y1AnVbkQuRblWdhl4pJVUAiFctDrFdD9hTxnXrKXqX7pSejM9B9G6q6GaOIDa9aFh1BVm4kDX8o-g-9INEY_GLXVgDwh76ySjLzDPaDRjBNCxeh1TiaA2JEPUUG0HG0KcVDQYyCqK4irGbtk7RspAd3uWaOQ9HEQZMZa9CPjpUpVF9Q5QDW07xHsHDsZmvl9a0qno57nfvNDP9cgjFiqOCvyWqYcc9qi9E3CRCwUMpYQxKU1vOMU0bF1f3Pb7NXzrwK3_FJ3N2GgIDuAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUxgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTc2MzA5NjExNjM2NDMxMzc&sigh=Fx_eUQwnVGs
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame F63D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46742068;rtbwp=YMFbTgAOMRMK4GvHAAdGQX1JGrZnrRc9OkJmhg;rtbdata=213YhU2VLU2RF_ECytzaNoZiqyeJKAYJ_5xWoQZO5axLZbyH7x4NMQ6lzVbaIVSCSJ4dMKlQ7FF2LkGIA6pa6hTJ4LpST6SfndxIUf_Rx_vfF_CtL2cpmz2F4yBVG4BzMmMNdHuK2dhOq0f-djRZhM7k1oK6FVBYJMFVC0H4xNlMzFP0PKy7cymJ_IU6mQ8yoaWiyEmAAY07Vseksh6f3krzvcOouG350;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CY0bKTlvBYJPiOMfXgQfBjJ2oAc_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTnAU_Q2azdlhjSXJ7J_BcRr3YETUtZKsxojz7y1AnVbkQuRblWdhl4pJVUAiFctDrFdD9hTxnXrKXqX7pSejM9B9G6q6GaOIDa9aFh1BVm4kDX8o-g-9INEY_GLXVgDwh76ySjLzDPaDRjBNCxeh1TiaA2JEPUUG0HG0KcVDQYyCqK4irGbtk7RspAd3uWaOQ9HEQZMZa9CPjpUpVF9Q5QDW07xHsHDsZmvl9a0qno57nfvNDP9cgjFiqOCvyWqYcc9qi9E3CRCwUMpYQxKU1vOMU0bB9d0WRz9beTHmb013WZHKhsGjgBDeAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUx-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_1apwOT28n9oBXJRA4pwlo7NjxCFg&client=ca-pub-7630961163643137&adurl=
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
65784230d0d43d4203897c719df894ffe9277858457c1170dbb29ec202c95d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1611
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame F63D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:02:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F63D 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame F63D 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:19:07 GMT
l
www.google.com/ads/measurement/ Frame F63D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUmLY0dHvF7fGGZweawLRY1M7KXnJBCzoIrHaaIIDZJ7xkepvRlDSaK1gSAQJBNbdAXoTf2hunbttABGpC6-0HUlP7Ow
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F63D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100657
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 20:25:02 GMT
container.html
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6553 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 10 Jun 2021 00:22:32 GMT
expires
Fri, 10 Jun 2022 00:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
7
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 6553 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwvjjTlvBYIaGOcfpgAeejJmQA8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTkAU_QfPUVbotTusSB-0D8b6Y1qsnxd8j3tZrjD_KhkZY2IvGg3iDvw-SbKAnmEZnmAr8_zkgL93SlcaCIM8GH2UQ1Ai3dqJ-q8Q8lj8QuMjzHDg0Chre9-ELL3uCXtuXKH9DEEZs_J8hcaJCYSeZaEYUdqkqJQu1ku7s9dQRYhM0CllrzhWt9V23wXWc9ehCu29a8YovdTiT7r7IPik5ldpjia1svA0ymc9WhUpsTRNw1qUNnb97vdMY3PMJWycx2lj2hF0bZiiQ0BgqYIKtMt_nkSv-oB0_spykuR2D2I78q5Ei-MeAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUxgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTc2MzA5NjExNjM2NDMxMzc&sigh=_pb4IOi2NMo
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame 6553 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46742068;rtbwp=YMFbTgAOQwYK4DTHAAZGHmNekn0D4z4hvU_3qA;rtbdata=213YhU2VLU2RF_ECytzaNnrIBjHdcRrRdx5yXZXrreU4m3iAI_iLeg6lzVbaIVSCSJ4dMKlQ7FF2LkGIA6pa6hTJ4LpST6SfndxIUf_Rx_vfF_CtL2cpmz2F4yBVG4BzMmMNdHuK2dhOq0f-djRZhPP3WPufjLmVJMFVC0H4xNlMzFP0PKy7cymJ_IU6mQ8yoaWiyEmAAY07Vseksh6f3gY_XY_D3lCi0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CdDRFTlvBYIaGOcfpgAeejJmQA8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTnAU_QfPUVbotTusSB-0D8b6Y1qsnxd8j3tZrjD_KhkZY2IvGg3iDvw-SbKAnmEZnmAr8_zkgL93SlcaCIM8GH2UQ1Ai3dqJ-q8Q8lj8QuMjzHDg0Chre9-ELL3uCXtuXKH9DEEZs_J8hcaJCYSeZaEYUdqkqJQu1ku7s9dQRYhM0CllrzhWt9V23wXWc9ehCu29a8YovdTiT7r7IPik5ldpjia1svA0ymc9WhUpsTRNw1qUNnb97vdMY3PMJWycx2lj2hF0bZiiQ0BgqYIKtMt_nkSr2qCt1kZ-JWmav94Fd-IIjaJQaMcuAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUx-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_13oLqTS2-tyeWNBjLuald_WeYpcQ&client=ca-pub-7630961163643137&adurl=
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
69c8c56f185d739269fd58b980ceb4801b09c5d688c86a7e10b2df7e1b3ff286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1601
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 6553 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:02:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6553 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:22:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 6553 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:19:07 GMT
l
www.google.com/ads/measurement/ Frame 6553 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlyG9zlDM-DPP93xYULPd_PISXZDwR8KBYRI_6jFbWKr_4REziGx7UmHN6h7hGcZrfRmBwY6VRUmrNp_mfea1M2ZxqZg
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6553 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100657
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 20:25:02 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame F63D 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46742068;rtbwp=YMFbTgAOMRMK4GvHAAdGQX1JGrZnrRc9OkJmhg;rtbdata=213YhU2VLU2RF_ECytzaNoZiqyeJKAYJ_5xWoQZO5axLZbyH7x4NMQ6lzVbaIVSCSJ4dMKlQ7FF2LkGIA6pa6hTJ4LpST6SfndxIUf_Rx_vfF_CtL2cpmz2F4yBVG4BzMmMNdHuK2dhOq0f-djRZhM7k1oK6FVBYJMFVC0H4xNlMzFP0PKy7cymJ_IU6mQ8yoaWiyEmAAY07Vseksh6f3krzvcOouG350;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CY0bKTlvBYJPiOMfXgQfBjJ2oAc_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTnAU_Q2azdlhjSXJ7J_BcRr3YETUtZKsxojz7y1AnVbkQuRblWdhl4pJVUAiFctDrFdD9hTxnXrKXqX7pSejM9B9G6q6GaOIDa9aFh1BVm4kDX8o-g-9INEY_GLXVgDwh76ySjLzDPaDRjBNCxeh1TiaA2JEPUUG0HG0KcVDQYyCqK4irGbtk7RspAd3uWaOQ9HEQZMZa9CPjpUpVF9Q5QDW07xHsHDsZmvl9a0qno57nfvNDP9cgjFiqOCvyWqYcc9qi9E3CRCwUMpYQxKU1vOMU0bB9d0WRz9beTHmb013WZHKhsGjgBDeAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUx-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_1apwOT28n9oBXJRA4pwlo7NjxCFg&client=ca-pub-7630961163643137&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 11 Jun 2021 03:31:54 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 6553 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46742068;rtbwp=YMFbTgAOQwYK4DTHAAZGHmNekn0D4z4hvU_3qA;rtbdata=213YhU2VLU2RF_ECytzaNnrIBjHdcRrRdx5yXZXrreU4m3iAI_iLeg6lzVbaIVSCSJ4dMKlQ7FF2LkGIA6pa6hTJ4LpST6SfndxIUf_Rx_vfF_CtL2cpmz2F4yBVG4BzMmMNdHuK2dhOq0f-djRZhPP3WPufjLmVJMFVC0H4xNlMzFP0PKy7cymJ_IU6mQ8yoaWiyEmAAY07Vseksh6f3gY_XY_D3lCi0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CdDRFTlvBYIaGOcfpgAeejJmQA8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTnAU_QfPUVbotTusSB-0D8b6Y1qsnxd8j3tZrjD_KhkZY2IvGg3iDvw-SbKAnmEZnmAr8_zkgL93SlcaCIM8GH2UQ1Ai3dqJ-q8Q8lj8QuMjzHDg0Chre9-ELL3uCXtuXKH9DEEZs_J8hcaJCYSeZaEYUdqkqJQu1ku7s9dQRYhM0CllrzhWt9V23wXWc9ehCu29a8YovdTiT7r7IPik5ldpjia1svA0ymc9WhUpsTRNw1qUNnb97vdMY3PMJWycx2lj2hF0bZiiQ0BgqYIKtMt_nkSr2qCt1kZ-JWmav94Fd-IIjaJQaMcuAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUx-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_13oLqTS2-tyeWNBjLuald_WeYpcQ&client=ca-pub-7630961163643137&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 11 Jun 2021 03:31:54 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B2F4 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
74b9b19e533f7065894dfd6c92e6751b9f0cdcf89d60ba3e0e880acad4385bde

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA; CMPS=3202; CMPRO=1117; CMST=YMFbSWDBW0oA; CMRUM3=5160c15b4905a0&5860c15b4905a0&2760c15b490b40&dd60c15b492760&bf60c15b4905a0&e660c15b492760&8360c15b4a276018072662182946732675&f160c15b4905a0&2d60c15b492760CAESEHhPXQd2pOKdVH6pCJNSVpw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|206|188|105|47|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1421
Expires
Thu, 10 Jun 2021 00:22:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
Set-Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:39 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:39 GMT CMPRO=1117;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:39 GMT CMRUM3=2d60c15b492760CAESEHhPXQd2pOKdVH6pCJNSVpw&6960c15b4f05a0&bf60c15b4905a0&dd60c15b492760&2e60c15b4f05a0&2f60c15b4f05a0&4960c15b4f05a0&f160c15b4905a0&8360c15b4a276018072662182946732675&e660c15b492760&0460c15b4f05a0&2760c15b490b40&bc60c15b4f05a00&5860c15b4905a0&6f60c15b4f05a0&5160c15b4905a0&ce60c15b4f05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:39 GMT CMST=YMFbSWDBW08A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 00:22:39 GMT
async_usersync
ib.adnxs.com/ Frame 1CAD 		0
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid
5f396f8b-0174-474e-b2d1-b89dcf3a654b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame A3D0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2ba7697530bdd01e695c09b7dd7eca73f878377f6459d3f6126efc1790eb26f7

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA; CMPS=3202; CMPRO=1117; CMST=YMFbSWDBW0oA; CMRUM3=5160c15b4905a0&5860c15b4905a0&2760c15b490b40&dd60c15b492760&bf60c15b4905a0&e660c15b492760&8360c15b4a276018072662182946732675&f160c15b4905a0&2d60c15b492760CAESEHhPXQd2pOKdVH6pCJNSVpw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|130|3|88|47|51|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1629
Expires
Thu, 10 Jun 2021 00:22:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
Set-Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:39 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:39 GMT CMPRO=1117;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:39 GMT CMST=YMFbSWDBW08A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 00:22:39 GMT CMRUM3=3360c15b4f05a0&5860c15b4f05a0&4960c15b4f05a0&5160c15b4905a0&2e60c15b4f05a0&2f60c15b4f05a0&8260c15b4fa8c0&8360c15b4a276018072662182946732675&2d60c15b492760CAESEHhPXQd2pOKdVH6pCJNSVpw&f160c15b4905a0&0360c15b4f05a0&2760c15b490b40&dd60c15b4f2760&e660c15b492760&bf60c15b4905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:39 GMT
async_usersync
ib.adnxs.com/ Frame AFAC 		0
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid
e0a1842c-11e3-4040-8c47-da166b698bd8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 0ED8 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1758358d0928e42c5bbd0a4a4003b82d558ef345ecaf2e5f7d40721f33a07b14

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA; CMPS=3202; CMPRO=1117; CMST=YMFbSWDBW0oA; CMRUM3=5160c15b4905a0&5860c15b4905a0&2760c15b490b40&dd60c15b492760&bf60c15b4905a0&e660c15b492760&8360c15b4a276018072662182946732675&f160c15b4905a0&2d60c15b492760CAESEHhPXQd2pOKdVH6pCJNSVpw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|206|3|109|218|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1550
Expires
Thu, 10 Jun 2021 00:22:39 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Connection
keep-alive
Set-Cookie
CMID=YMFbSGKU0Ksl.eiRobrDDQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:39 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:39 GMT CMPRO=1117;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:39 GMT CMST=YMFbSWDBW08A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 00:22:39 GMT CMRUM3=6d60c15b4f05a0&4160c15b4f05a0&2d60c15b492760CAESEHhPXQd2pOKdVH6pCJNSVpw&dd60c15b492760&bf60c15b4905a0&da60c15b4f2760&4960c15b4f05a0&2e60c15b4f05a0&8360c15b4a276018072662182946732675&8260c15b4fa8c0&f160c15b4905a0&2760c15b490b40&0360c15b4f05a0&e660c15b492760&5860c15b4905a0&ce60c15b4f05a0&5160c15b4905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:39 GMT
id
api.britepool.com/v1/britepool/ Frame 		0
0
id
api.britepool.com/v1/britepool/ 		0
0
id
id.crwdcntrl.net/ 		77 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
88097b976a86b73590125551ac1ac07d2fa2fb0b0663bd0f992a23b8a6e03f9e

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache
x-server
10.45.20.57
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ 		0
0
async_usersync
ib.adnxs.com/ Frame 8559 		0
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid
c32ee7d3-009e-440d-a0d7-571499a760de
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B2F4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid
e2631c3b-f027-4b75-9af9-e8ad5a156fd0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B2F4 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B2F4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2390624913052329021
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2390624913052329021
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:39 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2390624913052329021
pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B2F4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Connection
keep-alive
Content-Length
0
CookieIndex
rtb.adentifi.com/ Frame B2F4 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.64.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame B2F4
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Thu, 10 Jun 2021 00:22:40 GMT
server
nginx/1.18.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame B2F4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-0a1405953f2666354@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B2F4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=871952570536581476&expiration=1624494166
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=871952570536581476&expiration=1624494166
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=871952570536581476&expiration=1624494166
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B2F4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMFbSGKU0Ksl.eiRobrDDQAA%261117
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:39 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3474
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 01:20:33 GMT
crum
dsum-sec.casalemedia.com/ Frame A3D0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.39:80
AN-X-Request-Uuid
0753466b-001b-4368-b530-c89b0d2c135f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A3D0 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A3D0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAzRk7BgrcAADMcIDorAA&expiration=1624494163
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAzRk7BgrcAADMcIDorAA&expiration=1624494163
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:44 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAzRk7BgrcAADMcIDorAA&expiration=1624494163
Date
Thu, 10 Jun 2021 00:22:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame A3D0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:44 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:36 GMT
rum
dsum-sec.casalemedia.com/ Frame A3D0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623284567.629260,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbSAABq73bxAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame A3D0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=286l9JDr1LR8sY5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame A3D0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=28089516-6d3a-4447-b279-e92369718e38
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index&bsw_uid=28089516-6d3a-4447-b279-e92369718e38
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=351e790b-e7f1-45ce-bc35-1fd259b31e21&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=28089516-6d3a-4447-b279-e92369718e38
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=28089516-6d3a-4447-b279-e92369718e38
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:41 GMT

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=28089516-6d3a-4447-b279-e92369718e38
date
Thu, 10 Jun 2021 00:22:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
tpid=YMFbSGKU0Ksl.eiRobrDDQAA%261117
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame A3D0 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A3D0 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMFbSGKU0Ksl.eiRobrDDQAA%261117
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:39 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3474
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 01:20:33 GMT
YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0ED8 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0ED8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:39 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:39 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.232:80
AN-X-Request-Uuid
61ea34eb-6f8a-414c-aa70-18c7af18a6a4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7761284304466057866
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0ED8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA55E7BgrcAADM_IDorAA&expiration=1624494163
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA55E7BgrcAADM_IDorAA&expiration=1624494163
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:44 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAA55E7BgrcAADM_IDorAA&expiration=1624494163
Date
Thu, 10 Jun 2021 00:22:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0ED8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YMFbSGKU0Ksl-eiRobrDDQAABF0AAAAB
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 0ED8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:44 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:36 GMT
crum
dsum-sec.casalemedia.com/ Frame 0ED8
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85ccf6c4a7c34ec6b41e6bee6624d15c&expiration=1625876564
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85ccf6c4a7c34ec6b41e6bee6624d15c&expiration=1625876564&C=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85ccf6c4a7c34ec6b41e6bee6624d15c&expiration=1625876564&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:44 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=85ccf6c4a7c34ec6b41e6bee6624d15c&expiration=1625876564&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
323
Expires
Thu, 10 Jun 2021 00:22:44 GMT
demconf.jpg
dpm.demdex.net/ Frame 0ED8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMFbSGKU0Ksl.eiRobrDDQAA%261117?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMFbSGKU0Ksl.eiRobrDDQAA%261117
42 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMFbSGKU0Ksl.eiRobrDDQAA%261117
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v008-0a748d4c3.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
a77ufzI1S2s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v008-0e550184e.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6MfudtvVT+c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMFbSGKU0Ksl.eiRobrDDQAA%261117
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum.casalemedia.com/ Frame 0ED8
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370959
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370959
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:41 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370959
pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0ED8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMFbSGKU0Ksl.eiRobrDDQAA%261117
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:39 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3474
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 01:20:33 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE47 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624492800%3A71_21_161_7_56_54_3_220_13%7C1624579200%3A35; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; PugT=1623284557; SPugT=1623284557; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39891
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:39 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame DCB1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624492800%3A71_21_161_7_56_54_3_220_13%7C1624579200%3A35; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; PugT=1623284557; SPugT=1623284557; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39891
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:39 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame CE47 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52542372&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c221738b15c839ae6859f7d87c8355c0e2c2f7d98825deeee80df4c21ddd3389

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 5976
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954097301878934
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954097301878934
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954097301878934
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; SPugT=1623284557; chkChromeAb67Sec=2; DPSync3=1624492800%3A201_221_226_227_232_197_219%7C1623369600%3A174; SyncRTB3=1623888000%3A2_223_15%7C1625875200%3A203%7C1624492800%3A56_54_13_166_161_71_7_8_81_55_21_3_220_22%7C1624579200%3A35%7C1624147200%3A63; KRTBCOOKIE_22=14911-2390624913052329021; PugT=1623284559
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6971954097301878934; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:40 GMT; path=/ PugT=1623284560; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:40 GMT; path=/
x-lat
lhrpug009:0:486
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 10 Jun 2021 00:22:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6971954097301878934; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954097301878934
Pug
image2.pubmatic.com/AdServer/ Frame D6DE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBNTVFN0JncmNBQURNX0lEb3JBQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA55E7BgrcAADM_IDorAA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3652133321888945880
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAzRk7BgrcAADMcIDorAA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3652133321888945880%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=3652133321888945880&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAzRk7BgrcAADMcIDorAA&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAzRk7BgrcAADMcIDorAA
42 B
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAzRk7BgrcAADMcIDorAA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAzRk7BgrcAADMcIDorAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; PugT=1623284560; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; chkChromeAb67Sec=3; DPSync3=1624492800%3A201_232_197_219_235_221_226_227%7C1623369600%3A174; SyncRTB3=1625875200%3A203%7C1624492800%3A13_55_21_3_230_56_54_161_71_165_204_7_99_234_88_166_8_81_220_22%7C1624147200%3A63%7C1623888000%3A223_2_15%7C1624579200%3A35; SPugT=1623284561
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:41 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAAzRk7BgrcAADMcIDorAA; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:41 GMT; path=/ PugT=1623284561; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:41 GMT; path=/
x-lat
amspug004:0:411
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Thu, 10 Jun 2021 00:22:43 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAzRk7BgrcAADMcIDorAA
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
rtb.gumgum.com/ Frame B621 		35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=243001C2-55CB-49FA-8475-D0132988CDB5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=243001C2-55CB-49FA-8475-D0132988CDB5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=true; loc=6w2LaLFVVEsKeEYDbKODy-cmQlLX826CTV8Ymt8iPk0IH9fAdwz9ELRbeFQtJW1PMyKQbd06DJpuPD5VDA-jgw; vst=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
Artemis
aud.pubmatic.com/AdServer/ Frame CE47
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=243001C2-55CB-49FA-8475-D0132988CDB5&addseg=31
7 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=243001C2-55CB-49FA-8475-D0132988CDB5&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:56 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Thu, 10 Jun 2021 00:22:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=243001C2-55CB-49FA-8475-D0132988CDB5&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame CE47
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=243001C2-55CB-49FA-8475-D0132988CDB5&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=243001C2-55CB-49FA-8475-D0132988CDB5&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=243001C2-55CB-49FA-8475-D0132988CDB5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:54 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:54 GMT
frontend-id
9
location
/pubmatic/1/info2?sType=sync&sExtCookieId=243001C2-55CB-49FA-8475-D0132988CDB5&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame CE47 		95 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=243001C2-55CB-49FA-8475-D0132988CDB5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65ce7253cc50c28b-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a94e5c8620000c28bca03a000000001
/
loadm.exelator.com/load/ Frame CE47
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 10 Jun 2021 00:22:54 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame CE47
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=243001C2-55CB-49FA-8475-D0132988CDB5&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4qK6xF1E2uUxHQZgRUjO9OhRgItAAuA-~A&gdpr=0&gdpr_consent=
0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4qK6xF1E2uUxHQZgRUjO9OhRgItAAuA-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Thu, 10 Jun 2021 00:22:38 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 10 Jun 2021 00:22:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4qK6xF1E2uUxHQZgRUjO9OhRgItAAuA-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame CE47
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CE47
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=28089516-6d3a-4447-b279-e92369718e38
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=0&user_id=&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28089516-6d3a-4447-b279-e92369718e38&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28089516-6d3a-4447-b279-e92369718e38&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:410
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=28089516-6d3a-4447-b279-e92369718e38&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 10 Jun 2021 00:22:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CE47
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=
1 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:356
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623284567.629318,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbSAABq73bxAA4&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame CE47
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2390624913052329021&gdpr=0&gdpr_consent=&us_privacy=
1 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2390624913052329021&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:39 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:481
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2390624913052329021&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame CE47 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=243001C2-55CB-49FA-8475-D0132988CDB5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame CE47 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CE47 		0
0
/
track.adform.net/adfserve/ Frame F63D 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=46742068;rtbwp=YMFbTgAOMRMK4GvHAAdGQX1JGrZnrRc9OkJmhg;rtbdata=213YhU2VLU2RF_ECytzaNoZiqyeJKAYJ_5xWoQZO5axLZbyH7x4NMQ6lzVbaIVSCSJ4dMKlQ7FF2LkGIA6pa6hTJ4LpST6SfndxIUf_Rx_vfF_CtL2cpmz2F4yBVG4BzMmMNdHuK2dhOq0f-djRZhM7k1oK6FVBYJMFVC0H4xNlMzFP0PKy7cymJ_IU6mQ8yoaWiyEmAAY07Vseksh6f3krzvcOouG350;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CY0bKTlvBYJPiOMfXgQfBjJ2oAc_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTnAU_Q2azdlhjSXJ7J_BcRr3YETUtZKsxojz7y1AnVbkQuRblWdhl4pJVUAiFctDrFdD9hTxnXrKXqX7pSejM9B9G6q6GaOIDa9aFh1BVm4kDX8o-g-9INEY_GLXVgDwh76ySjLzDPaDRjBNCxeh1TiaA2JEPUUG0HG0KcVDQYyCqK4irGbtk7RspAd3uWaOQ9HEQZMZa9CPjpUpVF9Q5QDW07xHsHDsZmvl9a0qno57nfvNDP9cgjFiqOCvyWqYcc9qi9E3CRCwUMpYQxKU1vOMU0bB9d0WRz9beTHmb013WZHKhsGjgBDeAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUx-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_1apwOT28n9oBXJRA4pwlo7NjxCFg&client=ca-pub-7630961163643137&adurl=;js=1;adfxid=1x;5584;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fwww.justjared.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e9249ae527fa7da9d4880430969e7035ead404d1348401f09a95f43911d76613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3456
expires
-1
/
track.adform.net/adfserve/ Frame 6553 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=46742068;rtbwp=YMFbTgAOQwYK4DTHAAZGHmNekn0D4z4hvU_3qA;rtbdata=213YhU2VLU2RF_ECytzaNnrIBjHdcRrRdx5yXZXrreU4m3iAI_iLeg6lzVbaIVSCSJ4dMKlQ7FF2LkGIA6pa6hTJ4LpST6SfndxIUf_Rx_vfF_CtL2cpmz2F4yBVG4BzMmMNdHuK2dhOq0f-djRZhPP3WPufjLmVJMFVC0H4xNlMzFP0PKy7cymJ_IU6mQ8yoaWiyEmAAY07Vseksh6f3gY_XY_D3lCi0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CdDRFTlvBYIaGOcfpgAeejJmQA8_ZtZNczPrvubQJwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQmpAr-zE73u-oU-4AIAqAMBqgTnAU_QfPUVbotTusSB-0D8b6Y1qsnxd8j3tZrjD_KhkZY2IvGg3iDvw-SbKAnmEZnmAr8_zkgL93SlcaCIM8GH2UQ1Ai3dqJ-q8Q8lj8QuMjzHDg0Chre9-ELL3uCXtuXKH9DEEZs_J8hcaJCYSeZaEYUdqkqJQu1ku7s9dQRYhM0CllrzhWt9V23wXWc9ehCu29a8YovdTiT7r7IPik5ldpjia1svA0ymc9WhUpsTRNw1qUNnb97vdMY3PMJWycx2lj2hF0bZiiQ0BgqYIKtMt_nkSr2qCt1kZ-JWmav94Fd-IIjaJQaMcuAEAYAGu6S8_Ky89p9JoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBQiAYRAB8ggbYWR4LXN1YnN5bi05NzY2MTQ2MTk0OTA1MzUx-gsCCAGADAHQFQGAFwE&num=1&sig=AOD64_13oLqTS2-tyeWNBjLuald_WeYpcQ&client=ca-pub-7630961163643137&adurl=;js=1;adfxid=2x;5717;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fwww.justjared.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4698afeb8a607026f1dc2bd145a6f0c2cbaf8e6ab89f7efed42cc64baf3c0873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3444
expires
-1
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202106012030/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://confiant-integrations.global.ssl.fastly.net/prebid/202106012030/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: http://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68b89c1f3ec9e9be7dc91c35dfc3184b2f0d88aaf7764da9f9e1322e047f8345

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:40 GMT
Content-Encoding
gzip
Age
575
X-Cache
HIT
Connection
keep-alive
Content-Length
29396
x-amz-id-2
7m6Yw4ElyZ05oE4btnz5SnKP2bgMGFo8+bCa4kJbQixpZvzXWdRNTJ9QXxYd40MfuWBESXjW+tU=
X-Served-By
cache-hhn4072-HHN
Last-Modified
Wed, 02 Jun 2021 00:32:24 GMT
Server
AmazonS3
X-Timer
S1623284561.756679,VS0,VE0
ETag
"098c45e4f29dbf25022a0bb481509278"
x-amz-request-id
GXXM7F5NCF02MCEF
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
169
impression_tracker.php
assets.bly.ch/tool/php/ Frame F63D 		1 KB
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
veramedia1.timmeserver.de
Software
nginx /
Resource Hash
34685fe875aff4e059dd8d9c5e8c402b3c8b0a9e4f8560fea983678c98a2ea6f

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
x-bly-info
Opt Out under https://www.bly.ch/opt-out/
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
/
track.adform.net/csimpr/ Frame F63D 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46742068&csi=WE5CDpTaNM6pOA5vcMuEhjS1uIbZ2nSNtM-jBG0WA0_rygPkIxxfkxQtvt_D0oVnM3aIED92xfa0wB3_j1N2wWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
inv.gif
img.tradedoubler.com/images/ Frame F63D
Redirect Chain
  • https://impch.tradedoubler.com/imp?type(inv)g(24852340)a(3014885)&rnd=52959
  • https://img.tradedoubler.com/images/inv.gif
43 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 17:50:15 GMT
Via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Server
Apache
Age
23549
ETag
"2b-3e93e402bfa00"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
CDG50-P2
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
utLOPdk5yqGqUJ7omaTYRy1zQhLD2A3TFJdZmfF6DcY349zx2NZSkQ==
Expires
Wed, 16 Jun 2021 17:50:15 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:43 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
location
https://img.tradedoubler.com/images/inv.gif
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
cache-control
private, max-age=0
content-type
text/html; charset=ISO-8859-1
alt-svc
clear
content-length
248
impression_tracker.php
assets.bly.ch/tool/php/ Frame F63D 		0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bly.ch/tool/php/impression_tracker.php?pid=1400&campaign=2319764&rnd=26700
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
veramedia1.timmeserver.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-bly-info
Opt Out under https://www.bly.ch/opt-out/
server
nginx
cross-origin-resource-policy
cross-origin
content-type
image/png
impression_tracker.php
assets.bly.ch/tool/php/ Frame 6553 		1 KB
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
veramedia1.timmeserver.de
Software
nginx /
Resource Hash
34685fe875aff4e059dd8d9c5e8c402b3c8b0a9e4f8560fea983678c98a2ea6f

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
x-bly-info
Opt Out under https://www.bly.ch/opt-out/
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
/
track.adform.net/csimpr/ Frame 6553 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46742068&csi=mXXUV9fkougziLNbfnaBumRjFUcvNhOitM-jBG0WA0_rygPkIxxfk4UU6jlCJvPk7Zidklo7ZfYSMM1UcZ_uamQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
inv.gif
img.tradedoubler.com/images/ Frame 6553
Redirect Chain
  • https://impch.tradedoubler.com/imp?type(inv)g(24852340)a(3014885)&rnd=65934
  • https://img.tradedoubler.com/images/inv.gif
43 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 17:50:15 GMT
Via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Server
Apache
Age
23549
ETag
"2b-3e93e402bfa00"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
CDG50-P2
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
qZwLCZ0G0VdqMEkJzzOFqI3Yp-5qgwLyL6NwmqU9F90oEqgbT6WFEQ==
Expires
Wed, 16 Jun 2021 17:50:15 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:43 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
location
https://img.tradedoubler.com/images/inv.gif
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
cache-control
private, max-age=0
content-type
text/html; charset=ISO-8859-1
alt-svc
clear
content-length
248
impression_tracker.php
assets.bly.ch/tool/php/ Frame 6553 		0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bly.ch/tool/php/impression_tracker.php?pid=1400&campaign=2319764&rnd=52138
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
veramedia1.timmeserver.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-bly-info
Opt Out under https://www.bly.ch/opt-out/
server
nginx
cross-origin-resource-policy
cross-origin
content-type
image/png
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:types/ Frame F63D 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0b0f62719efee7a8a3548115ada8f568a54709e7843a6ead1e6032111ae07ea2

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 11 Jun 2021 03:12:17 GMT
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:types/ Frame 6553 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/igSBggDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0b0f62719efee7a8a3548115ada8f568a54709e7843a6ead1e6032111ae07ea2

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 11 Jun 2021 03:12:17 GMT
Cookie set /
www.post.ch/de/ Frame A55B
Redirect Chain
  • https://cct.connects.ch/tpv.php?t=116404V1571145373M
  • https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1
  • https://tracking.adtracker.ch/link/red/l/Mzg2?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2021061002224451320574857X116404V1571145373M
  • https://www.post.ch/?lea_source=2021061002224451320574857X116404V1571145373M
  • https://www.post.ch/de?lea_source=2021061002224451320574857X116404V1571145373M
  • https://www.post.ch/de/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.post.ch/de/
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:17c8:0:103::20a Bern, Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Delivery3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.post.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

Date
Wed, 09 Jun 2021 23:55:21 GMT
Server
Delivery3
Strict-Transport-Security
max-age=31536000
Set-Cookie
ittrksessid=8af8c0b9.5c45e63d603c7;HttpOnly;Secure; path=/
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Cache-Control
max-age=1800
Content-Type
text/html; charset=utf-8
Expires
Thu, 10 Jun 2021 00:25:21 GMT
Vary
Accept-Encoding
Content-Security-Policy
frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=Edge
Age
1642
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=5
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Thu, 10 Jun 2021 00:22:28 GMT
Server
Delivery1
Strict-Transport-Security
max-age=31536000
Set-Cookie
ittrksessid=9a078217.5c45e63d59e64;HttpOnly;Secure; path=/
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Content-Type
text/html; charset=utf-8
Location
/de/
Content-Security-Policy
frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
X-UA-Compatible
IE=Edge
Age
15
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
111
Keep-Alive
timeout=5
Connection
Keep-Alive
inv.gif
img.tradedoubler.com/images/ Frame 9A98
Redirect Chain
  • https://impch.tradedoubler.com/imp?type(inv)g(24852354)a(3014885)
  • https://img.tradedoubler.com/images/inv.gif
43 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
img.tradedoubler.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
UI=1z11zzoWzwXcEXz1PXhyK9bM; BT=1z11zzoWz1ymrBdzcSXVlVZzz4x1z9ycSXVlVZ; PI=1z11z1zoWz284Jq8zEe5iy1y230P6y1eGbyyyAweBy1TShy2Fuo4eyyy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Server
Apache
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Accept-Ranges
bytes
Date
Wed, 09 Jun 2021 17:50:15 GMT
Expires
Wed, 16 Jun 2021 17:50:15 GMT
Cache-Control
max-age=604800, public
ETag
"2b-3e93e402bfa00"
X-Cache
Hit from cloudfront
Via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG50-P2
X-Amz-Cf-Id
awYMU4ZmC5XhammP4t8IgFQBG8yIUt9WGURcgaQ5E-MMXNGjoQBeFg==
Age
23548

Redirect headers

location
https://img.tradedoubler.com/images/inv.gif
set-cookie
BT=1z11zzoWz1pV5JTzcSXVlVYzz4x1z9ycSXVlVY;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure PI=1z11z1zoWz2RITFlzEe5iy1y230PKy1eGbyyyAweBy1TShy2Fuo4eyyy;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure UI=1z11zzoWzwXcEXz1PXhyK9bM;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Thu, 10 Jun 2021 00:22:43 GMT
content-length
248
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
inv.gif
img.tradedoubler.com/images/ Frame 7F67
Redirect Chain
  • https://impch.tradedoubler.com/imp?type(inv)g(24936634)a(3014885)
  • https://img.tradedoubler.com/images/inv.gif
43 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
img.tradedoubler.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
UI=1z11zzoWzwXcEXz1PXhyK9bM; BT=1z11zzoWz1ymrBdzcSXVlVZzz4x1z9ycSXVlVZ; PI=1z11z1zoWz284Jq8zEe5iy1y230P6y1eGbyyyAweBy1TShy2Fuo4eyyy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Server
Apache
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Accept-Ranges
bytes
Date
Wed, 09 Jun 2021 17:50:15 GMT
Expires
Wed, 16 Jun 2021 17:50:15 GMT
Cache-Control
max-age=604800, public
ETag
"2b-3e93e402bfa00"
X-Cache
Hit from cloudfront
Via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG50-P2
X-Amz-Cf-Id
Jq6NfYSsWT3wpDj3zzke3W_bh793NYtgG0Gd59czrVU6JrID715k3g==
Age
23548

Redirect headers

location
https://img.tradedoubler.com/images/inv.gif
set-cookie
BT=1z11zzoWz1pV5JTzcSXVlVYzz4x1z9ycSXVlVY;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure PI=1z11z1zoWz1A3sPGzEe5iy1y23ObmyCaaCyyyB3a4y1Ul0y2Fuo4eyyy;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure UI=1z11zzoWzRdciaz1QngyK9PM;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Thu, 10 Jun 2021 00:22:43 GMT
content-length
248
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
index.html
campaigns.cembra.ch/campaigns/de/connects/ Frame 54E0 		426 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software
/
Resource Hash
913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method
GET
:authority
campaigns.cembra.ch
:scheme
https
:path
/campaigns/de/connects/index.html?ap=116404
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

set-cookie
PHPSESSID=f9d74ade4fa090af36595b46c0d24b29; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp1=Q0VNQlRDODJBRkZHMDAwMDE5NjgwMTI1MDA5MDAwMDAwMDAwMDA0MTAwMDAwMDAwMDA2MzE2MjMyODQ1NjAwMGNvbm5lY3RzMDBjODFjMjY4ODhlNDU2ZmZlN2Q1OTk0Yjg2YTBjMTlkZQ%3D%3D; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv1=connects; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp1_e=MTYyMzI4NDU2MGFmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
content-length
301
content-encoding
br
vary
Accept-Encoding
date
Thu, 10 Jun 2021 00:22:40 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
index.html
campaigns.cembra.ch/campaigns/de/cumulusmc_pv/ Frame 2983 		426 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software
/
Resource Hash
913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method
GET
:authority
campaigns.cembra.ch
:scheme
https
:path
/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

set-cookie
PHPSESSID=1cfe7caf3530251a485acd54ba2f59d2; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp2=Q0VNQlRDMTcxMDAwMDE0MDEwOTEwMTM5MDAyMTAwMDAwMDAwMDA3OTAwMDAwMDAwMDAzMjE2MjMyODQ1NjAwMGNvbm5lY3RzMDBjNzRiZjVmZTYzZDk1MjMxNzRhMzVjOWEyMDE5ZDE1NA%3D%3D; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv2=connects; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp2_e=MTYyMzI4NDU2MGFmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
content-length
301
content-encoding
br
vary
Accept-Encoding
date
Thu, 10 Jun 2021 00:22:40 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
Cookie set /
www.post.ch/de/ Frame 4B5E
Redirect Chain
  • https://cct.connects.ch/tpv.php?t=116404V1571145373M
  • https://cct.shop.post.ch/tpv.php?t=116404V1571145373M&sdtr=1
  • https://tracking.adtracker.ch/link/red/l/Mzg2?utm_medium=Referral&utm_source=Affiliate&utm_campaign=connects&lea_source=2021061002224451320574859X116404V1571145373M
  • https://www.post.ch/?lea_source=2021061002224451320574859X116404V1571145373M
  • https://www.post.ch/de?lea_source=2021061002224451320574859X116404V1571145373M
  • https://www.post.ch/de/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.post.ch/de/
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a00:17c8:0:103::20a Bern, Switzerland, ASN12511 (CH-POSTNETZ Post CH AG, CH),
Reverse DNS
Software
Delivery2 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.post.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

Date
Wed, 09 Jun 2021 23:55:12 GMT
Server
Delivery2
Strict-Transport-Security
max-age=31536000
Set-Cookie
ittrksessid=271bfa0c.5c45e63d5d2ea;HttpOnly;Secure; path=/
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Cache-Control
max-age=1800
Content-Type
text/html; charset=utf-8
Expires
Thu, 10 Jun 2021 00:25:13 GMT
Vary
Accept-Encoding
Content-Security-Policy
frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=Edge
Age
1650
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
17053
Keep-Alive
timeout=5
Connection
Keep-Alive

Redirect headers

Date
Thu, 10 Jun 2021 00:21:45 GMT
Server
Delivery2
Strict-Transport-Security
max-age=31536000
Set-Cookie
ittrksessid=9abd174c.5c45e63d57419;HttpOnly;Secure; path=/
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
X-Content-Type-Options
nosniff
Content-Type
text/html; charset=utf-8
Location
/de/
Content-Security-Policy
frame-ancestors 'self' *.pnet.ch *.post.ch *.becompany.ch *.signdemo.com
X-UA-Compatible
IE=Edge
Age
58
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
111
Keep-Alive
timeout=5
Connection
Keep-Alive
inv.gif
img.tradedoubler.com/images/ Frame 7FD2
Redirect Chain
  • https://impch.tradedoubler.com/imp?type(inv)g(24852354)a(3014885)
  • https://img.tradedoubler.com/images/inv.gif
43 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
img.tradedoubler.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
UI=1z11zzoWzwXcEXz1PXhyK9bM; BT=1z11zzoWz1ymrBdzcSXVlVZzz4x1z9ycSXVlVZ; PI=1z11z1zoWz284Jq8zEe5iy1y230P6y1eGbyyyAweBy1TShy2Fuo4eyyy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Server
Apache
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Accept-Ranges
bytes
Date
Wed, 09 Jun 2021 17:50:15 GMT
Expires
Wed, 16 Jun 2021 17:50:15 GMT
Cache-Control
max-age=604800, public
ETag
"2b-3e93e402bfa00"
X-Cache
Hit from cloudfront
Via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG50-P2
X-Amz-Cf-Id
7gqBOkIEM5HNxrr-uUMKmvNtXz-6uw1N8sSrx0dWfalM0LfIHWo2mw==
Age
23549

Redirect headers

location
https://img.tradedoubler.com/images/inv.gif
set-cookie
BT=1z11zzoWz1pV5JTzcSXVlVYzz4x1z9ycSXVlVY;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure PI=1z11z1zoWz2RITFlzEe5iy1y230PKy1eGbyyyAweBy1TShy2Fuo4eyyy;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure UI=1z11zzoWzwXcEXz1PXhyK9bM;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Thu, 10 Jun 2021 00:22:43 GMT
content-length
248
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
inv.gif
img.tradedoubler.com/images/ Frame 5F71
Redirect Chain
  • https://impch.tradedoubler.com/imp?type(inv)g(24936634)a(3014885)
  • https://img.tradedoubler.com/images/inv.gif
43 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
img.tradedoubler.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
UI=1z11zzoWzwXcEXz1PXhyK9bM; BT=1z11zzoWz1ymrBdzcSXVlVZzz4x1z9ycSXVlVZ; PI=1z11z1zoWz284Jq8zEe5iy1y230P6y1eGbyyyAweBy1TShy2Fuo4eyyy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Server
Apache
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Accept-Ranges
bytes
Date
Wed, 09 Jun 2021 17:50:15 GMT
Expires
Wed, 16 Jun 2021 17:50:15 GMT
Cache-Control
max-age=604800, public
ETag
"2b-3e93e402bfa00"
X-Cache
Hit from cloudfront
Via
1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG50-P2
X-Amz-Cf-Id
y6Ro07tpw-IpxH8-Y5qHhTysJFXoC5etVAMlLFwI-f5I8xIaAfRN5w==
Age
23549

Redirect headers

location
https://img.tradedoubler.com/images/inv.gif
set-cookie
BT=1z11zzoWz1pV5JTzcSXVlVYzz4x1z9ycSXVlVY;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure PI=1z11z1zoWz1A3sPGzEe5iy1y23ObmyCaaCyyyB3a4y1Ul0y2Fuo4eyyy;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure UI=1z11zzoWzRdciaz1QngyK9PM;expires=Fri, 10-Jun-2022 00:22:43 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Thu, 10 Jun 2021 00:22:42 GMT
content-length
248
content-type
text/html; charset=ISO-8859-1
via
1.1 google
alt-svc
clear
index.html
campaigns.cembra.ch/campaigns/de/connects/ Frame DE84 		426 B
624 B 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.cembra.ch/campaigns/de/connects/index.html?ap=116404
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software
/
Resource Hash
913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method
GET
:authority
campaigns.cembra.ch
:scheme
https
:path
/campaigns/de/connects/index.html?ap=116404
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

set-cookie
PHPSESSID=553912b52bba9107af9fdf2a6cf28da8; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp1=Q0VNQlRDNjVBRkZHMDAwMDE5MTUwMTE3MDA1NjAwMDAwMDAwMDA5NTAwMDAwMDAwMDAyNzE2MjMyODQ1NjAwMGNvbm5lY3RzMDBlYTY4NzA5ZjQ2ODE1OGRhM2MwMDhiNzM1YzJmNGU0OQ%3D%3D; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv1=connects; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp1_e=MTYyMzI4NDU2MGFmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
content-length
301
content-encoding
br
vary
Accept-Encoding
date
Thu, 10 Jun 2021 00:22:40 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
index.html
campaigns.cembra.ch/campaigns/de/cumulusmc_pv/ Frame 6471 		426 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.cembra.ch/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
Requested by
Host: assets.bly.ch
URL: https://assets.bly.ch/tool/php/impression_tracker.php?type=js&creative_id=44198068&campaign_id=2319764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:203::1:245 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software
/
Resource Hash
913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3

Request headers

:method
GET
:authority
campaigns.cembra.ch
:scheme
https
:path
/campaigns/de/cumulusmc_pv/index.html?version=14010&ap=116404
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

set-cookie
PHPSESSID=8974ab65f1cf77e16058ddb937b88e4e; path=/; domain=.cembra.ch; secure; HttpOnly cembthtlp2=Q0VNQlRDOTkxMDAwMDE0MDEwODUwMTEyMDA2MTAwMDAwMDAwMDA2MzAwMDAwMDAwMDAxMDE2MjMyODQ1NjAwMGNvbm5lY3RzMDBmM2ZjYWRlZmU3ZTM1OWUxMjA1MGM5MDQxZTBjZmViNg%3D%3D; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax cembtpv2=connects; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; SameSite=Lax cembthtlp2_e=MTYyMzI4NDU2MGFmY2RjNGU3Nzc0N2ZkOGZhYzIzNjY4NTlkNmNkMmUwMTE2NDA0; expires=Sat, 10-Jul-2021 00:22:40 GMT; Max-Age=2592000; path=/; domain=.cembra.ch; secure; HttpOnly; SameSite=Lax
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
content-length
301
content-encoding
br
vary
Accept-Encoding
date
Thu, 10 Jun 2021 00:22:40 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
JuneAffiliateStaticBanners300x250.jpg
vht.tradedoubler.com/file/308023/2021/iabDE/ Frame F63D
Redirect Chain
  • https://impfr.tradedoubler.com/imp?type(img)g(24852340)a(3014885)266090059
  • https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
61faf69bd293c8013b79cc909ad87baff566039fc340f42324fd1cf8d32f3eb3

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 07:36:21 GMT
Via
1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 01 Jun 2021 09:05:42 GMT
Server
Apache
Age
233182
ETag
"6874-5c3b0a5826580"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
CDG50-P2
Accept-Ranges
bytes
Content-Length
26740
X-Amz-Cf-Id
Rk9DFyFUd_9L02-DqqVbYdeM2zBU4SNRJ_68m0dFb9AsI6Xm2s0eYg==
Expires
Mon, 14 Jun 2021 07:36:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:42 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
location
https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
cache-control
private, max-age=0
content-type
text/html; charset=ISO-8859-1
alt-svc
clear
content-length
294
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A1CD 		1 KB
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 09 Jun 2021 05:40:48 GMT
expires
Thu, 10 Jun 2021 05:40:48 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
67312
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F63D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7832cdd3678c86f85df323d4ad202f77a487b7314fa86b81a2f38f1f3e5f7946

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
JuneAffiliateStaticBanners300x250.jpg
vht.tradedoubler.com/file/308023/2021/iabDE/ Frame 6553
Redirect Chain
  • https://impfr.tradedoubler.com/imp?type(img)g(24852340)a(3014885)978753824
  • https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
61faf69bd293c8013b79cc909ad87baff566039fc340f42324fd1cf8d32f3eb3

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 07:36:21 GMT
Via
1.1 ee4db0d243ceb0d1993e5f46ad6c0f01.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 01 Jun 2021 09:05:42 GMT
Server
Apache
Age
233182
ETag
"6874-5c3b0a5826580"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
CDG50-P2
Accept-Ranges
bytes
Content-Length
26740
X-Amz-Cf-Id
TjQ9vrsZbLvKpev8GYaGRhNd1OwCi7hiU4jW1rGbpiufFPMPdutliw==
Expires
Mon, 14 Jun 2021 07:36:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:42 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
location
https://vht.tradedoubler.com/file/308023/2021/iabDE/JuneAffiliateStaticBanners300x250.jpg
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
cache-control
private, max-age=0
content-type
text/html; charset=ISO-8859-1
alt-svc
clear
content-length
294
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8C36 		1 KB
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 09 Jun 2021 05:40:48 GMT
expires
Thu, 10 Jun 2021 05:40:48 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
67312
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6553 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab5f3bc8c637f3383c8b24b3e5ca63346bd69c52ccf287a9273f3dbb52918d18

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
google2waycm.netmng.com/cm/ Frame A1CD 		0
0
pixel
cm.g.doubleclick.net/ Frame A1CD
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMl44P6AtI8a0ElkGh0w-s4&google_cver=1&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEo...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=86gANFKoRdeE3MKnqBXQfA2&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEovPkPUyRvwqar
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=86gANFKoRdeE3MKnqBXQfA2&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEovPkPUyRvwqar&g...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=86gANFKoRdeE3MKnqBXQfA2&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEovPkPUyRvwqar&google_tc=
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=86gANFKoRdeE3MKnqBXQfA2&google_push=AYg5qPJ5fvw3dt6bhXARZHrybKzlh77s2z9wsuPSu-Ba_IE3ys89Wa5hdUzSL27BOwh05DTd2MmZe2JCZC0F0dEovPkPUyRvwqar&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
415
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A1CD
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEHE6B-BW-BhlAnUInLHxq0k&google_cver=1&google_push=AYg5qPKHFFW9ToSZCRGZDkBcfQld7Nl3nGsxSFd2f7EJJMTHxZvZPSa3YAHnp24pqMnRzofKSSyqx7T4Ql6naMj2SBMPErSOZIfs
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NTNfZlc2NS1BZ0tTcDR3R1VWdkJZQQ%3D%3D&google_push=AYg5qPKHFFW9ToSZCRGZDkBcfQld7Nl3nGsxSFd2f7EJJMTHxZvZPSa3YAHnp24pqMnRzofKSSyqx7T4Ql6na...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NTNfZlc2NS1BZ0tTcDR3R1VWdkJZQQ%3D%3D&google_push=AYg5qPKHFFW9ToSZCRGZDkBcfQld7Nl3nGsxSFd2f7EJJMTHxZvZPSa3YAHnp24pqMnRzofKSSyqx7T4Ql6naMj2SBMPErSOZIfs
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NTNfZlc2NS1BZ0tTcDR3R1VWdkJZQQ%3D%3D&google_push=AYg5qPKHFFW9ToSZCRGZDkBcfQld7Nl3nGsxSFd2f7EJJMTHxZvZPSa3YAHnp24pqMnRzofKSSyqx7T4Ql6naMj2SBMPErSOZIfs
date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame A1CD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JDABwlXLSfqEddATKYjNtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JDABwlXLSfqEddATKYjNtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIUZH67FP4Uwxik2i2YehuYnXHAx96_0mWxnAyhhUiEBny9fBisL--XxGJzPorCGtU04FdIjGKM6Z-iTBmRZxQG-2Q19rgg
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JDABwlXLSfqEddATKYjNtQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIUZH67FP4Uwxik2i2YehuYnXHAx96_0mWxnAyhhUiEBny9fBisL--XxGJzPorCGtU04FdIjGKM6Z-iTBmRZxQG-2Q19rgg
date
Thu, 10 Jun 2021 00:22:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame A1CD
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLSzG_Rjt4S21J0Kz6J-cY69RBAGGT40j5Rdyvkx-Ex_zhlVzGHIAxyqtrMtsfD7jW0PstBTfEOD-...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLSzG_Rjt4S21J0Kz6J-cY69RBAGGT40j5Rdyvkx-Ex_zhlVzGHIAxyqtrMtsfD7jW0PstBTfEOD-7jRkgJXb1-m3TIrUnf&google_hm=0c52e386-7a59-4db0-97...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLSzG_Rjt4S21J0Kz6J-cY69RBAGGT40j5Rdyvkx-Ex_zhlVzGHIAxyqtrMtsfD7jW0PstBTfEOD-7jRkgJXb1-m3TIrUnf&google_hm=0c52e386-7a59-4db0-97c1-c504ee61acd4
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLSzG_Rjt4S21J0Kz6J-cY69RBAGGT40j5Rdyvkx-Ex_zhlVzGHIAxyqtrMtsfD7jW0PstBTfEOD-7jRkgJXb1-m3TIrUnf&google_hm=0c52e386-7a59-4db0-97c1-c504ee61acd4
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A1CD
Redirect Chain
  • https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESEPL8NOHdakge0blb7Ya_ssk&google_cver=1&google_push=AYg5qPKaMqFt0YlZv0bfcWJtngGbR0ZXGqAKWy89IFfKH3Lcvgx0Ey5lq2P-bwZc-NgCmhdo1XCIXV3ikge32tzJEoY6M...
  • https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=ZGJiNWFkN2EtYmRiMy00OWM1LWFlZjItOGMxMjEwYmJkZDUz&google_push=AYg5qPKaMqFt0YlZv0bfcWJtngGbR0ZXGqAKWy89IFfKH3Lcvgx0Ey5lq2P-bwZc-...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=ZGJiNWFkN2EtYmRiMy00OWM1LWFlZjItOGMxMjEwYmJkZDUz&google_push=AYg5qPKaMqFt0YlZv0bfcWJtngGbR0ZXGqAKWy89IFfKH3Lcvgx0Ey5lq2P-bwZc-NgCmhdo1XCIXV3ikge32tzJEoY6Mpf-1omWvQ
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Jun 2021 00:22:56 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=ZGJiNWFkN2EtYmRiMy00OWM1LWFlZjItOGMxMjEwYmJkZDUz&google_push=AYg5qPKaMqFt0YlZv0bfcWJtngGbR0ZXGqAKWy89IFfKH3Lcvgx0Ey5lq2P-bwZc-NgCmhdo1XCIXV3ikge32tzJEoY6Mpf-1omWvQ
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.63
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A1CD
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEB_2dpuLi_E34Y-s20Of48Y&google_cver=1&google_push=AYg5qPJXdKprO1Mb3fpQNaMxW1zK1bCe7rA8zCBXLgSudLpECXdhXsdMX8PjraDTmgSvTJDcMNMSKlUq9NVkpT6tkMmJJxS4-TX4rg
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTRmNzgxMjktOGM5Yi00NTY3LTk5YmItOWQ3N2YxNzIyYzZm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTRmNzgxMjktOGM5Yi00NTY3LTk5YmItOWQ3N2YxNzIyYzZm
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTRmNzgxMjktOGM5Yi00NTY3LTk5YmItOWQ3N2YxNzIyYzZm
date
Thu, 10 Jun 2021 00:22:41 GMT
x-envoy-upstream-service-time
6
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame A1CD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LcLe96suEt0dGh2kqGKUDs5YHg3FdQxwlc4SDKz1oOGbf4hHyKAlXBMe5qOJkHffppBGJHDCw
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cm
gcm.ctnsnet.com/int/ Frame 8C36 		0
0
pixel
cm.g.doubleclick.net/ Frame 8C36
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDdEKfLDmMA7g5prpd4HpBg&google_cver=1&google_push=AYg5qPKsDxLBuEIeFWNcRe0i4cYdXrhsc15yDpiPc8uxu9Rhs4T9mhxTq4HNQ1hFXnSnNl73hmYEf_oHkF073v...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk3MTk1NDA5NzMwMTg3ODkzNA%3D%3D&google_push=AYg5qPKsDxLBuEIeFWNcRe0i4cYdXrhsc15yDpiPc8uxu9Rhs4T9mhxTq4HNQ1hFXnSnNl73hmYEf_oHkF073vF-Rf...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk3MTk1NDA5NzMwMTg3ODkzNA%3D%3D&google_push=AYg5qPKsDxLBuEIeFWNcRe0i4cYdXrhsc15yDpiPc8uxu9Rhs4T9mhxTq4HNQ1hFXnSnNl73hmYEf_oHkF073vF-RfqrqbCzP-I
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk3MTk1NDA5NzMwMTg3ODkzNA%3D%3D&google_push=AYg5qPKsDxLBuEIeFWNcRe0i4cYdXrhsc15yDpiPc8uxu9Rhs4T9mhxTq4HNQ1hFXnSnNl73hmYEf_oHkF073vF-RfqrqbCzP-I
Date
Thu, 10 Jun 2021 00:22:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
us.php
c.eu1.dyntrk.com/adx/ga/ Frame 8C36 		0
0
rub
px.adhigh.net/p/gm/ Frame 8C36 		0
0
google_sync_status
x.bidswitch.net/ Frame 8C36
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMIzwOE8USa5qh4qspm3zQk&google_cver=1&google_push=AYg5qPLGSfmDd-7mQHXhstljfOI8Xbikn-_sE8pMcaJjwLEu2tXIpN8YjqN0YRaSU982026Y-AweF857zfBEVI3YFiE_...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3cdaff92-bc1b-44dd-978f-444a3f228382&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=YnHsMq1OQneQ7IReIj84tg==
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENLXMXZpmhOKb8JEaAlgkdg&google_cver=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENLXMXZpmhOKb8JEaAlgkdg&google_cver=1
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.245.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENLXMXZpmhOKb8JEaAlgkdg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
dsp.adkernel.com/ Frame 8C36 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEMQOjD9ZRwU3EbEN2SC0cjE&google_cver=1&google_push=AYg5qPLWB3yyNuEpt3W1iziwlouwO8hdNvpLkEJm0vzR06OGqaTGCgjg66Qz2cK2JuFHJWMNrcX8F0YDE3mW2oLjWDngsi1P_SY8
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:42 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixelmatch
ap.lijit.com/dsp/google/ Frame 8C36 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 8C36 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6B2hZpE-Qgdjepo2LSUabB5u_lXAIBVSvgGkAXlwqX2OKzRhhCm80nR0JvMRj4ZeMogWb
Requested by
Host: 2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
URL: https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
showad.js
ads.pubmatic.com/AdServer/js/ Frame E224 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; repi=1; chkChromeAb67Sec=2; DPSync3=1624492800%3A201_221_226_227_232_197_219%7C1623369600%3A174; SyncRTB3=1623888000%3A2_223_15%7C1625875200%3A203%7C1624492800%3A56_54_13_166_161_71_7_8_81_55_21_3_220_22%7C1624579200%3A35%7C1624147200%3A63; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; PugT=1623284560; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; SPugT=1623284558
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39889
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:41 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5961 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; repi=1; chkChromeAb67Sec=2; DPSync3=1624492800%3A201_221_226_227_232_197_219%7C1623369600%3A174; SyncRTB3=1623888000%3A2_223_15%7C1625875200%3A203%7C1624492800%3A56_54_13_166_161_71_7_8_81_55_21_3_220_22%7C1624579200%3A35%7C1624147200%3A63; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; PugT=1623284560; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; SPugT=1623284558
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39889
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:41 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 64BC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; repi=1; chkChromeAb67Sec=2; DPSync3=1624492800%3A201_221_226_227_232_197_219%7C1623369600%3A174; SyncRTB3=1623888000%3A2_223_15%7C1625875200%3A203%7C1624492800%3A56_54_13_166_161_71_7_8_81_55_21_3_220_22%7C1624579200%3A35%7C1624147200%3A63; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; PugT=1623284560; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; SPugT=1623284558
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39889
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:41 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame E224 		1001 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90953635&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
af8da32b4d4d06aeeacf4bd5e96a2396c6bf4119de2ddbd14d3b377b4b7ddc83

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1001
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame EEF2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame EEF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EEF2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame EEF2 		42 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11905015314952651458&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 78AC8FB9A3664562A53BB16130B92F5E Ref B: FRAEDGE1217 Ref C: 2021-06-10T00:22:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame EEF2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11905015314952651458?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Jun 2021 00:22:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EEF2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:41 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid
5b8660c3-9882-4441-83d0-556cab5dd521
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame EEF2
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11905015314952651458
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame EEF2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
  • https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 10 Jun 2021 00:22:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/prebid/ Frame EEF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=11905015314952651458
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame EEF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=11905015314952651458
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 4FD5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 4FD5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4FD5
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 4FD5 		42 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11905015314952651458&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: BB2F95DA6586470E9970279757CCC7C6 Ref B: FRAEDGE1217 Ref C: 2021-06-10T00:22:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 4FD5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11905015314952651458?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Jun 2021 00:22:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4FD5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:43 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid
b8a85b8a-54f7-41c9-a6ce-fb0d862de785
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 4FD5
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11905015314952651458
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4FD5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 4FD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=11905015314952651458
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 4FD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=11905015314952651458
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame D9C6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame D9C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqKHYPtlW2JvvX1udYRJB8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D9C6
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE5MDUwMTUzMTQ5NTI2NTE0NTg%3D
date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame D9C6 		42 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=11905015314952651458&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:41 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 6ABB6BC1830F4699A7CF306F07891CF9 Ref B: FRAEDGE1217 Ref C: 2021-06-10T00:22:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame D9C6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/11905015314952651458?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Jun 2021 00:22:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-0ezVTRZE2oS1tT7Y9hMZiW9j6IE5CSbL54nBGiDbVQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D9C6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=3335&xuid=7761284304466057866&dongle=4d58&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 10 Jun 2021 00:22:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
iu3
s.amazon-adsystem.com/ Frame D9C6
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=11905015314952651458
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=11905015314952651458&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D9C6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.137.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame D9C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=11905015314952651458
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame D9C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=11905015314952651458
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Pug
simage2.pubmatic.com/AdServer/ Frame 8E32
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-4b6b31cb-0c5c-402c-be96-53a916fee2fa-003&rndcb=697988315
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8&google_hm=ZjhiNTU0YjMtZjZlMy00Njk5LWE5MDMtYWU3ZmJmZmM0...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHBB4ph9kt24-ghNj6RYlE0&google_cver=1&ssp=adconductor&bsw_param=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8
  • https://sync.1rx.io/usersync/bidswitch/f8b554b3-f6e3-4699-a903-ae7fbffc4ee8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; KRTBCOOKIE_1101=23040-6971954144548550799; PugT=1623284571
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003&KRTB&17107-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:51 GMT; path=/ PugT=1623284571; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:51 GMT; path=/
x-lat
lhrpug001:0:460
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003%22%7D; path=/; expires=Fri, 10 Jun 2022 00:22:51 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
etag
RXd3cf6f02c2984587af1e2543bca75a6b003
Pug
simage2.pubmatic.com/AdServer/ Frame 5E5B
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; PugT=1623284569
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug016:2:262
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=5d7fe3ff-d509-49f6-b11a-0ad891e86f94; path=/; domain=csync.loopme.me; Expires=Sat, 10-Jul-2021 00:22:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 10 Jun 2021 00:22:51 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 7C2B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_218=22978-YMFbSAABq73bxAA4&KRTB&23194-YMFbSAABq73bxAA4&KRTB&23209-YMFbSAABq73bxAA4&KRTB&23244-YMFbSAABq73bxAA4; PugT=1623284566; PUBMDCID=3; KRTBCOOKIE_391=22924-871952570536581476&KRTB&23263-871952570536581476
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-9mUSOjxkm4Y6koMrynzoW81W; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:47 GMT; path=/ PugT=1623284567; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:47 GMT; path=/
x-lat
amspug018:0:356
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 10 Jun 2021 00:22:48 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=9mUSOjxkm4Y6koMrynzoW81W; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame D35C 		42 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 10 Jun 2021 00:22:41 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a94e5cef100004e13b09fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65ce725e49534e13-FRA
bridge
cm.adgrx.com/ Frame 6EEB 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
p
a.audrte.com/ Frame E224
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=243001C2-55CB-49FA-8475-D0132988CDB5
  • https://a.audrte.com/p
68 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.206.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 10 Jun 2021 00:22:42 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E224
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1208692412575765778
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1208692412575765778
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:294
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:49 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.199:80
AN-X-Request-Uuid
e5457d70-3d2c-4b19-9c0f-59ff7d17cef2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1208692412575765778
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame CE47 		0
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Thu, 10 Jun 2021 00:22:41 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame DCB1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; repi=1; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; PugT=1623284560; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; chkChromeAb67Sec=3; DPSync3=1624492800%3A201_232_197_219_235_221_226_227%7C1623369600%3A174; SyncRTB3=1625875200%3A203%7C1624492800%3A13_55_21_3_230_56_54_161_71_165_204_7_99_234_88_166_8_81_220_22%7C1624147200%3A63%7C1623888000%3A223_2_15%7C1624579200%3A35; SPugT=1623284561
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39880
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:50 GMT
vary
Accept-Encoding
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: http://get.s-onetag.com/7e8b2caf-3c72-4be6-9c44-36b91a473863/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Jun 2021 00:22:43 GMT
content-length
0
vary
Origin
SPug
simage4.pubmatic.com/AdServer/ Frame E224 		0
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159320&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame ED22 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7761284304466057866
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 11 Jun 2021 00:22:49 GMT
Date
Thu, 10 Jun 2021 00:22:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 0099 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Thu, 10 Jun 2021 00:22:44 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
976
cf-request-id
0a94e5d9bb00004aaa653ef000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R2%2FRlRIdaeWSbvuGyKRMk%2BaMPllNuZh04aXZ7IWwaltUbbX66xXc4JGEfySsyrBUBXjGqoc8qcy2FACffGi9%2FMkpFa%2FVSXhnrukvmAs25BeNupyiFJqRFbLGzG6BaIOEoj4rr0KopvQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
65ce726f99834aaa-FRA
content-encoding
br
index.html
cdn.districtm.io/ids/ Frame 4FC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

date
Thu, 10 Jun 2021 00:22:59 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
0a94e615c500000229e027f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
65ce72cfad150229-ZRH
usync.html
eus.rubiconproject.com/ Frame E4CE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2tlCBRUZWfOQpzq4eRUmvkSc3ya9WQi+HKKRWt2jyoYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexgivGKrYKdBNKOTT8+Kbwv/ANSf; ses15=; ses10=; vis10=293666^1; khaos=KPQ5PKTL-V-4HSC; uids=eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnRiaG91c2UiOnsidWlkIjoibGFOTUd3TjAzTFdOMUR2Sjg3S2QiLCJleHBpcmVzIjoiMjAyMS0wNi0yNFQwMDoyMjozMi41NTZaIn0sInJ1Ymljb24iOnsidWlkIjoiS1BRNVBLVEwtVi00SFNDIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjRUMDA6MjI6MzIuNDE1WiJ9LCJndW1ndW0iOnsidWlkIjoiZV81YWYzOGI3MC0zODM2LTQyODQtODcxNy0zMTkxOWEyODYxOTEiLCJleHBpcmVzIjoiMjAyMS0wNi0yNFQwMDoyMjozMi43MTRaIn19LCJiZGF5IjoiMjAyMS0wNi0xMFQwMDoyMjozMi40MTVaIn0=; vis15=153530^1&293666^1; pux=1512%3D100273%262249%3D100273%262974%3D100273%263778%3D100273%262249-DV360-Hosted%3D100273%26idl%3D100273%26brx%3D100273%26goog%3D100273%26; audit=1|naVuGyos1qojheJiu7KYlXp4/TMPY9XwzMb5byHS7FYCNhXkkZ+je92KjpcTyb52dalcOrJi9dpo2B05UvZjL2UmrsSRQiLTsqlSNZOaaDQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Jun 2021 00:22:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame B242 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_3.27.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C9B) /
Resource Hash
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_3.27.1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
453
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Thu, 10 Jun 2021 00:22:51 GMT
etag
"42b7-5c2afe6a21300"
expires
Thu, 10 Jun 2021 00:37:51 GMT
last-modified
Wed, 19 May 2021 14:47:08 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (mil/6C9B)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
984936029
content-length
5429
/
ssc-cms.33across.com/ps/ Frame 14C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

x-33x-status
2020008
server
33XP003
date
Thu, 10 Jun 2021 00:22:59 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 9BF5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 10 Jun 2021 00:22:45 GMT
Connection
keep-alive
check.html
biddr.brealtime.com/ Frame A2EC 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.justjared.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
QPg1IxGUgjHTe7yzLH8py8UlQ29OR40peYVEDcjXTyeAHVyZwzC0KXVtNZxdJdP2rI/IbEV/hlg=
x-amz-request-id
Q2J7PAP1GZJS9FPM
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2986
Expires
Thu, 10 Jun 2021 00:23:45 GMT
Cache-Control
public, max-age=60
cf-request-id
0a94e5ddbb00000221f21ab000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
65ce7275f91c0221-ZRH
Content-Encoding
gzip
showad.js
ads.pubmatic.com/AdServer/js/ Frame 722C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; repi=1; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; chkChromeAb67Sec=3; DPSync3=1624492800%3A201_232_197_219_235_221_226_227%7C1623369600%3A174; SyncRTB3=1625875200%3A203%7C1624492800%3A13_55_21_3_230_56_54_161_71_165_204_7_99_234_88_166_8_81_220_22%7C1624147200%3A63%7C1623888000%3A223_2_15%7C1624579200%3A35; KRTBCOOKIE_699=22727-AAAzRk7BgrcAADMcIDorAA; KRTBCOOKIE_80=22987-CAESEIYemLSCDKQv2Hg48g-Ga3w&KRTB&16514-CAESEIYemLSCDKQv2Hg48g-Ga3w&KRTB&23025-CAESEIYemLSCDKQv2Hg48g-Ga3w; KRTBCOOKIE_57=22776-7761284304466057866; KRTBCOOKIE_153=19420-TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o&KRTB&22979-TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o; PugT=1623284562; SPugT=1623284562
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39880
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:50 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame BC6B 		668 B
816 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instBid-3.27.1-no-userID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
b95dc288481f0db34071e1681f683696d2f56549eed66d6c995ae3d918f34b9c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.justjared.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=760cdcd7-3cff-427a-b5d0-4bf9da76c70f|1623284552
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.justjared.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=760cdcd7-3cff-427a-b5d0-4bf9da76c70f|1623284552; Version=1; Expires=Fri, 10-Jun-2022 00:22:45 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623284565|gekin0vNiygu; Version=1; Expires=Fri, 25-Jun-2021 00:22:45 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 10 Jun 2021 00:22:45 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
18.gif
id5-sync.com/qp/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_9cfc47e5-d880-4d32-b76a-dcf8c5c95563&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F8%2F2.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
  • https://id5-sync.com/c/441/349/8/2.gif?puid=50558326327517680903860398498804200514&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e531f6244b4306da9a81f2b632d62d5c&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F485%2F7%2F3.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gd...
  • https://id5-sync.com/c/441/485/7/3.gif?puid=50558326327517680903860398498804200514&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIoMqqOwyLIklYj1NfSMNpU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0Rv...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEIoMqqOwyLIklYj1NfSMN...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4626903868815124967&opid=apx&ops=&utidl=tech:goo:CAESEIoMqqOwyLIklYj1NfSMNpU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17997186262&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/qp/18.gif?puid=vec%3A17997186262&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.8 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:21:46 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/qp/18.gif?puid=vec%3A17997186262&sd=Y2FzY2FkZXNSZW1haW5pbmc9NiZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
date
Thu, 10 Jun 2021 00:22:57 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=e315a43aa9&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=d2513907-50a7-4b1a-a831-996b2a9a1e2d&pubid=e315a43aa9
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=d2513907-50a7-4b1a-a831-996b2a9a1e2d&pubid=e315a43aa9
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=d2513907-50a7-4b1a-a831-996b2a9a1e2d&pubid=e315a43aa9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=28089516-6d3a-4447-b279-e92369718e38
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=sonobi&bsw_custom_parameter=28089516-6d3a-4447-b279-e92369718e38
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=28cf2283-1a2e-4cf3-a403-5eef0743c4fe&ssp=sonobi&expires=30&user_group=5&bsw_param=28089516-6d3a-4447-b279-e92369718e38
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=28cf2283-1a2e-4cf3-a403-5eef0743c4fe&ssp=sonobi&expires=30&user_group=5&bsw_param=28089516-6d3a-4447-b279-e92369718e38
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6271ec32-ad4e-4277-90ec-845e223f38b6
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6271ec32-ad4e-4277-90ec-845e223f38b6
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:46 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6271ec32-ad4e-4277-90ec-845e223f38b6
date
Thu, 10 Jun 2021 00:22:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b72660c1-5b48-4d00-bd58-4280b2d3c0b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:36 GMT
1x1.png
cdn.aralego.net/img/ Frame 0099
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/0c624eba-9f73-3486-9dca-63669b00d970?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CabvSpxE2oXshCcxgGhkjVJlao2luLy_w.LtuTA-~A&redirect=
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MGM2MjRlYmEtOWY3My0zNDg2LTlkY2EtNjM2NjliMDBkOTcw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MGM2MjRlYmEtOWY3My0zNDg2LTlkY2EtNjM2NjliMDBkOTcw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png&google_tc=
  • https://cdn.aralego.net/img/1x1.png
68 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
313
content-length
68
cf-request-id
0a94e5de9800004aaa59bd0000000001
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QSXyez2SwGKkr7yNpBGUMNl5VJL6Klb8OuxBqAYMZYjHvACVPqrt0GBi%2BeIxlVNmKOEdcwPWVe4OuPRJJ0yC3WkLsMX%2FYjlPEHrIzeiBndB6AIlqSqZNJIHh%2FVBIBXko0DuZ5V8kPbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
65ce72775ad64aaa-FRA

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5961 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; repi=1; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; chkChromeAb67Sec=3; DPSync3=1624492800%3A201_232_197_219_235_221_226_227%7C1623369600%3A174; SyncRTB3=1625875200%3A203%7C1624492800%3A13_55_21_3_230_56_54_161_71_165_204_7_99_234_88_166_8_81_220_22%7C1624147200%3A63%7C1623888000%3A223_2_15%7C1624579200%3A35; KRTBCOOKIE_699=22727-AAAzRk7BgrcAADMcIDorAA; KRTBCOOKIE_80=22987-CAESEIYemLSCDKQv2Hg48g-Ga3w&KRTB&16514-CAESEIYemLSCDKQv2Hg48g-Ga3w&KRTB&23025-CAESEIYemLSCDKQv2Hg48g-Ga3w; KRTBCOOKIE_57=22776-7761284304466057866; KRTBCOOKIE_153=19420-TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o&KRTB&22979-TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o; SPugT=1623284563; KRTBCOOKIE_27=16735-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&KRTB&16736-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&KRTB&23019-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&KRTB&23114-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0; PugT=1623284564
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39880
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:50 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 64BC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=243001C2-55CB-49FA-8475-D0132988CDB5; KRTBCOOKIE_1051=22884-18072662182946732675; PUBMDCID=3; KRTBCOOKIE_377=6810-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&22918-d2513907-50a7-4b1a-a831-996b2a9a1e2d&KRTB&23031-d2513907-50a7-4b1a-a831-996b2a9a1e2d; repi=1; KRTBCOOKIE_22=14911-2390624913052329021; KRTBCOOKIE_1101=23040-6971954097301878934; KRTBCOOKIE_466=16530-28089516-6d3a-4447-b279-e92369718e38; chkChromeAb67Sec=3; DPSync3=1624492800%3A201_232_197_219_235_221_226_227%7C1623369600%3A174; SyncRTB3=1625875200%3A203%7C1624492800%3A13_55_21_3_230_56_54_161_71_165_204_7_99_234_88_166_8_81_220_22%7C1624147200%3A63%7C1623888000%3A223_2_15%7C1624579200%3A35; KRTBCOOKIE_699=22727-AAAzRk7BgrcAADMcIDorAA; KRTBCOOKIE_80=22987-CAESEIYemLSCDKQv2Hg48g-Ga3w&KRTB&16514-CAESEIYemLSCDKQv2Hg48g-Ga3w&KRTB&23025-CAESEIYemLSCDKQv2Hg48g-Ga3w; KRTBCOOKIE_57=22776-7761284304466057866; KRTBCOOKIE_153=19420-TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o&KRTB&22979-TMaT0k-UxNpXl8bbHMLdhk7HyIJXk8PaHsXKbE_o; SPugT=1623284563; KRTBCOOKIE_27=16735-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&KRTB&16736-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&KRTB&23019-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0&KRTB&23114-uid:b72660c1-5b48-4d00-bd58-4280b2d3c0b0; PugT=1623284564
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39880
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:50 GMT
vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame BC6B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=121360c1-5b55-4300-8935-02b65d963cf4
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=121360c1-5b55-4300-8935-02b65d963cf4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 10 Jun 2021 00:22:38 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=121360c1-5b55-4300-8935-02b65d963cf4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:37 GMT
sd
us-u.openx.net/w/1.0/ Frame BC6B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=i4aS7IjUxOiQgcS4idDc7NmFxOSQhpW_iIL3LGkT
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=i4aS7IjUxOiQgcS4idDc7NmFxOSQhpW_iIL3LGkT
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=i4aS7IjUxOiQgcS4idDc7NmFxOSQhpW_iIL3LGkT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BC6B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=871952570536581476
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=871952570536581476
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=871952570536581476
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame BC6B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a5a0e38e-9578-7d8d-ef06-8311be51f4f2&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BC6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODljZjMwNDQtNWMwZi0yMzI5LWZhZTYtZDlhODc0YjMzYTky
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODljZjMwNDQtNWMwZi0yMzI5LWZhZTYtZDlhODc0YjMzYTky&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODljZjMwNDQtNWMwZi0yMzI5LWZhZTYtZDlhODc0YjMzYTky&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODljZjMwNDQtNWMwZi0yMzI5LWZhZTYtZDlhODc0YjMzYTky&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BC6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2AIdOFZOZSgHrUFEBC-CM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2AIdOFZOZSgHrUFEBC-CM&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO2AIdOFZOZSgHrUFEBC-CM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4CC7 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c6f62e88b9130a1963e3de00810b565fabf02d9834e3e848c640ebda2a9ae6d5

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMFbVHrq5gUsYcc01MhTygAA; CMPS=3202; CMPRO=1110; CMST=YMFbVGDBW1QA; CMRUM3=6d60c15b54276085ccf6c4a7c34ec6b41e6bee6624d15c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|65|88|156|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1748
Expires
Thu, 10 Jun 2021 00:22:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Connection
keep-alive
Set-Cookie
CMID=YMFbVHrq5gUsYcc01MhTygAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:45 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:45 GMT CMPRO=1110;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 00:22:45 GMT CMST=YMFbVGDBW1UA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 00:22:45 GMT CMRUM3=9c60c15b5505a00&5860c15b5505a0&2d60c15b5505a0&f160c15b5505a0&4160c15b5505a0&0560c15b5505a0&6d60c15b54276085ccf6c4a7c34ec6b41e6bee6624d15c&e660c15b552760&2760c15b550b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 00:22:45 GMT
crum
dsum-sec.casalemedia.com/ Frame 4CC7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMFbVHrq5gUsYcc01MhTygAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YMFbVHrq5gUsYcc01MhTygAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIfoGnPcWCBV80ZbTG4iA24&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIfoGnPcWCBV80ZbTG4iA24&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIfoGnPcWCBV80ZbTG4iA24&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4CC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOl5XTczN-ALImftnCw1ir0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOl5XTczN-ALImftnCw1ir0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOl5XTczN-ALImftnCw1ir0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4CC7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:57 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:47 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMFbVHrq5gUsYcc01MhTygAABFYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4CC7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMFbVHrq5gUsYcc01MhTygAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame 4CC7
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370965
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370965
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:46 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623370965
pragma
no-cache
date
Thu, 10 Jun 2021 00:22:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 4CC7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YMFbVgABq5SZtQA4
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbVgABq5SZtQA4&_test=YMFbVgABq5SZtQA4
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbVgABq5SZtQA4&_test=YMFbVgABq5SZtQA4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 00:22:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623284567.741835,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMFbVgABq5SZtQA4&_test=YMFbVgABq5SZtQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cookiesync
bttrack.com/pixel/ Frame 4CC7 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:24 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
ix
ad4m.at/ad/sim/ Frame 4CC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4CC7 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMFbVHrq5gUsYcc01MhTygAA%261110
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=http://www.justjared.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3468
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 10 Jun 2021 01:20:33 GMT
/
track.adform.net/serving/unload/ Frame F63D 		35 B
504 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1644554226815624761@@46742068,7194249622548843641,0|0|0|0|0|0|0|0|0||0|1|1|60c15b4e000eebd207838574fb08a951_1|||1|0|0|jIHxYVgKKHJX7EYoWZQhUSn1V3AuSlbvPO-e_Z75i3TgTLzQqlUWC8kllzAqADQrA7z_uuw_WOM1|||11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 6553 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3007421773452874671@@46742068,8773325714407147192,0|0|0|0|0|0|0|0|0||0|1|1|60c15b4e000ee9e00a8b041a3b02ece5_1|||1|0|0|jIHxYVgKKHJX7EYoWZQhUaIg8m69qz3cpGmcY3Uqp-n9VMKGF5ANl8kllzAqADQrA7z_uuw_WOM1|||11|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:46 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
v2gks1md9V0ikLPvP1Sn_pjuj0G94iTowaWDYR1MADkAwgGIs4CTxw0qJN6Jqi2f_98dFJ-mDoDDUp8gQ
sulkycook.com/ 		197 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sulkycook.com/v2gks1md9V0ikLPvP1Sn_pjuj0G94iTowaWDYR1MADkAwgGIs4CTxw0qJN6Jqi2f_98dFJ-mDoDDUp8gQ
Requested by
Host: sulkycook.com
URL: https://sulkycook.com/v2xvlFGSxXgH04nKGo3OP9MGpH4ZVEULG9eLw54klbAbVNIIJqQ8w1ZVy_0xydXGI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.249.84 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
84.249.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a023b18f1af391803e0699f5226bc58045e6c3108521b7515f5eb30d9bdccba5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 10 Jun 2021 00:22:47 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.justjared.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
f8becdc5
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
197
expires
Thu, 10 Jun 2021 00:22:46 GMT
bounce
ib.adnxs.com/ Frame ED22
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: www.justjared.com
URL: http://www.justjared.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:57 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.243:80
AN-X-Request-Uuid
63666500-fdc4-419a-aa2b-4bedc1172b5a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:57 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid
36add4f2-8bf3-41b1-b38d-4e88663acd40
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202106012030/ 		163 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://confiant-integrations.global.ssl.fastly.net/gpt/202106012030/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Server
151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17e77d291e251b4ab9bd530f3c5910b63ceba4d27e50d146c3304fc696172fba

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:50 GMT
Content-Encoding
gzip
Age
586
X-Cache
HIT
Connection
keep-alive
Content-Length
53155
x-amz-id-2
/zkE8aExFUdHGdA8JQ9RqKZfPMgxNjmkKWDB0cv3LQfRs3m73xmGPJ6K0nHZMODNHexU9tGwwf8=
X-Served-By
cache-hhn4066-HHN
Last-Modified
Wed, 02 Jun 2021 00:32:22 GMT
Server
AmazonS3
X-Timer
S1623284570.108205,VS0,VE0
ETag
"349afda990f07e6a26edf1fd7d722477"
x-amz-request-id
GXXS4Z7TMY62K9SF
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
175
PugMaster
image6.pubmatic.com/AdServer/ Frame DCB1 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8168223&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
12239f8b546b1ce0302ab54434432c3a553972242a77c3673d592dd254969e21

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 5159
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:50 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1187433137311246353; expires=Mon, 09 Aug 2021 00:22:50 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 10 Jun 2021 00:22:50 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sat, 10 Jul 2021 00:22:50 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame BEF6
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; SPugT=1623284570; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; PugT=1623284570; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-3987235876482715318; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:48 GMT; path=/ PugT=1623284568; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:48 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:48 GMT; path=/
x-lat
amspug010:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3987235876482715318
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&gdpr=0&gdpr_consent=
42 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Jun 2021 00:22:42 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:41 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4150698187221535170
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4150698187221535170
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4150698187221535170
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiYSvuWiW7QobS4uxh0v84&google_cver=1
42 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiYSvuWiW7QobS4uxh0v84&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:48 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:425
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENiYSvuWiW7QobS4uxh0v84&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b7ecffc-7e9a-4156-8cae-98b0d9533a0d
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b7ecffc-7e9a-4156-8cae-98b0d9533a0d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:482
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3b7ecffc-7e9a-4156-8cae-98b0d9533a0d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usersync.aspx
dis.criteo.com/dis/ Frame A669 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 10 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1184
x-powered-by
ASP.NET
date
Thu, 10 Jun 2021 00:22:52 GMT
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1208692412575765778&gdpr=0&gdpr_consent=
42 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1208692412575765778&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:378
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:57 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid
ff533e54-9917-408f-a92f-60ae516c48ca
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1208692412575765778&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:319
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FA50
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954144548550799
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954144548550799
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954144548550799
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; PugT=1623284569
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6971954144548550799; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:51 GMT; path=/ PugT=1623284571; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:51 GMT; path=/
x-lat
lhrpug011:0:333
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 10 Jun 2021 00:22:51 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6971954144548550799; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6971954144548550799
Pug
image2.pubmatic.com/AdServer/ Frame 6AD8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFT0VFN0JncmNBQURMaWZEN21Idw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEOEE7BgrcAADLifD7mHw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6768698747352176198
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEOEE7BgrcAADLifD7mHw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D6768698747352176198%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=6768698747352176198&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEOEE7BgrcAADLifD7mHw&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOEE7BgrcAADLifD7mHw
42 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOEE7BgrcAADLifD7mHw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOEE7BgrcAADLifD7mHw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; PugT=1623284570
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:49 GMT; path=/ PugT=1623284569; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:49 GMT; path=/
x-lat
amspug015:0:324
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Thu, 10 Jun 2021 00:22:50 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEOEE7BgrcAADLifD7mHw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
pubmaticmatch
match.adsby.bidtheatre.com/ Frame DCB1 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DCB1 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2B92
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5928506021
  • https://sync.1rx.io/usersync/tradedesk/3b7ecffc-7e9a-4156-8cae-98b0d9533a0d
  • https://sync.targeting.unrulymedia.com/csync/RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
42 B
136 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; KRTBCOOKIE_1101=23040-6971954144548550799; PugT=1623284571
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003&KRTB&17107-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:51 GMT; path=/ PugT=1623284571; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:51 GMT; path=/
x-lat
lhrpug005:0:445
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003%22%7D; path=/; expires=Fri, 10 Jun 2022 00:22:51 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003
etag
RXd3cf6f02c2984587af1e2543bca75a6b003
Pug
simage2.pubmatic.com/AdServer/ Frame 6C37
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; PugT=1623284569
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug015:2:267
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=f8a91657-fc0b-4354-9ff3-f7bf47839aa7; path=/; domain=csync.loopme.me; Expires=Sat, 10-Jul-2021 00:22:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 10 Jun 2021 00:22:51 GMT
server
_
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DB06 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Thu, 10 Jun 2021 00:22:50 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DCB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=39JhVMr5SpukyAo5JMNlqA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=39JhVMr5SpukyAo5JMNlqA%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:50 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=40854
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Thu, 10 Jun 2021 11:43:44 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=409260c1-5b59-4e00-bfc4-0d5a16ea5ff6
0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=409260c1-5b59-4e00-bfc4-0d5a16ea5ff6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Thu, 10 Jun 2021 00:22:50 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 10 Jun 2021 00:22:42 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=409260c1-5b59-4e00-bfc4-0d5a16ea5ff6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Jun 2021 00:22:41 GMT
mw
mwzeom.zeotap.com/ Frame DCB1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
  • https://spl.zeotap.com/?zdid=1332&zcluid=37ee5ff10918f95e
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb5cc52b-e4f6-49ce-7156-b2452846b78c&reqId=02fba9d6-9bea-4f89-5932-46ef94741b31&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEE-ni2XSprzXeRmh_TBGRwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb5cc52b-e4f6-49ce-7156-b2452846b78c&reqId=02fba9d6-9bea-4f89-5932-46e...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEE-ni2XSprzXeRmh_TBGRwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb5cc52b-e4f6-49ce-7156-b2452846b78c&reqId=02fba9d6-9bea-4f89-5932-46ef94741b31&zcluid=37ee5ff10918f95e&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65ce72c1cdd5325c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a94e60d1f0000325c6cafd000000001

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEE-ni2XSprzXeRmh_TBGRwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb5cc52b-e4f6-49ce-7156-b2452846b78c&reqId=02fba9d6-9bea-4f89-5932-46ef94741b31&zcluid=37ee5ff10918f95e&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DCB1 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/DFD26154-CAF9-4A9B-A4C8-0A3924C365A8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hiYFRThE2uXs8g9PJkMpQcAQ6P.zI_s-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hiYFRThE2uXs8g9PJkMpQcAQ6P.zI_s-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Jun 2021 00:22:50 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hiYFRThE2uXs8g9PJkMpQcAQ6P.zI_s-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
sync
odr.mookie1.com/t/v2/ Frame DCB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8&ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f8b554b3-f6e3-4699-a903-ae7fbffc4ee8&ssp=pubmatic&gdpr=0&gdpr_consent=
date
Thu, 10 Jun 2021 00:22:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbWgABq7DLVgA4&gdpr=0&gdpr_consent=&_test=YMFbWgABq7DLVgA4
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbWgABq7DLVgA4&gdpr=0&gdpr_consent=&_test=YMFbWgABq7DLVgA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:531
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623284570.408238,VS0,VE0
x-served-by
cache-fra19169-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMFbWgABq7DLVgA4&gdpr=0&gdpr_consent=&_test=YMFbWgABq7DLVgA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame DCB1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3765948413551573858&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3765948413551573858&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:377
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3765948413551573858&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 10 Jun 2021 00:22:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame DCB1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame DCB1 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5961 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; KRTBCOOKIE_1101=23040-6971954144548550799; PugT=1623284571; KRTBCOOKIE_594=17105-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003&KRTB&17107-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39877
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:53 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 64BC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; KRTBCOOKIE_1101=23040-6971954144548550799; PugT=1623284571; KRTBCOOKIE_594=17105-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003&KRTB&17107-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39877
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:53 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 722C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A197_219_201; SyncRTB3=1624579200%3A35%7C1624492800%3A7_3_166_81_161_22_99_8_56_54_234_21_71_55%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A2_223_15; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; KRTBCOOKIE_1101=23040-6971954144548550799; PugT=1623284571; KRTBCOOKIE_594=17105-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003&KRTB&17107-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=39877
expires
Thu, 10 Jun 2021 11:27:30 GMT
date
Thu, 10 Jun 2021 00:22:53 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 5961 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51018036&p=159320&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
387f4c0e19da90565145f8f67b1fcc8e7c1cb7c66178a7677b58ac7fbc9bbbd0

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1561
content-type
text/html; charset=UTF-8
pubmatic
um.simpli.fi/ Frame 5961 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 09 Jun 2021 00:22:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F46B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8; KRTBCOOKIE_153=19420-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO&KRTB&22979-GV1jmBoPNcgCXjKcGFktmBtYNpkCCzOfSwz0MTAO; KRTBCOOKIE_27=16735-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&16736-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23019-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab&KRTB&23114-uid:62c060c1-5b59-4e00-ab8c-32c2382a2fab; KRTBCOOKIE_80=22987-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&16514-CAESENiYSvuWiW7QobS4uxh0v84&KRTB&23025-CAESENiYSvuWiW7QobS4uxh0v84; KRTBCOOKIE_391=22924-4150698187221535170&KRTB&23263-4150698187221535170; KRTBCOOKIE_377=6810-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&22918-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d&KRTB&23031-3b7ecffc-7e9a-4156-8cae-98b0d9533a0d; KRTBCOOKIE_22=14911-3765948413551573858; KRTBCOOKIE_336=5844-3987235876482715318; SPugT=1623284569; KRTBCOOKIE_218=22978-YMFbWgABq7DLVgA4&KRTB&23194-YMFbWgABq7DLVgA4&KRTB&23209-YMFbWgABq7DLVgA4&KRTB&23244-YMFbWgABq7DLVgA4; KRTBCOOKIE_699=22727-AAEOEE7BgrcAADLifD7mHw; KRTBCOOKIE_1101=23040-6971954144548550799; PugT=1623284571; KRTBCOOKIE_594=17105-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003&KRTB&17107-RX-d3cf6f02-c298-4587-af1e-2543bca75a6b-003; chkChromeAb67Sec=2; DPSync3=1623369600%3A174%7C1624492800%3A232_197_219_201_221_226_227; SyncRTB3=1624579200%3A35%7C1624492800%3A54_88_230_22_3_8_56_234_21_55_7_13_165_204_220_166_81_99_71_161%7C1624147200%3A63%7C1625875200%3A203%7C1623888000%3A15_2_223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 10 Jun 2021 00:22:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-9mUSOjxkm4Y6koMrynzoW81W; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:51 GMT; path=/ PugT=1623284571; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 00:22:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 00:22:51 GMT; path=/
x-lat
amspug019:0:389
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 10 Jun 2021 00:22:53 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=9mUSOjxkm4Y6koMrynzoW81W; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9mUSOjxkm4Y6koMrynzoW81W
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame CFB4 		42 B
164 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 10 Jun 2021 00:22:53 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a94e5fc1800004e13ac0cf000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65ce72a68b4d4e13-FRA
bridge
cm.adgrx.com/ Frame 612C 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 10 Jun 2021 00:22:56 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 5961
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6430579671915000608
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6430579671915000608
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:53 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:232
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Jun 2021 00:22:53 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.148:80
AN-X-Request-Uuid
3c67ca9a-0c9a-4661-9354-527e43f4d9af
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6430579671915000608
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 5961
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&addseg=31
7 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:56 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Thu, 10 Jun 2021 00:22:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame 5961
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:54 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:54 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5961 		95 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65ce72a6ac82325c-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a94e5fc270000325c8004f000000001
/
loadm.exelator.com/load/ Frame 5961
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 10 Jun 2021 00:22:54 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=DFD26154-CAF9-4A9B-A4C8-0A3924C365A8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5961
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REZEMjYxNTQtQ0FGOS00QTlCLUE0QzgtMEEzOTI0QzM2NUE4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:22:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:339
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 10 Jun 2021 00:22:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/prebid/21666_JustJared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
http://www.justjared.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 10 Jun 2021 00:22:53 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.justjared.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 10 Jun 2021 00:22:53 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
usync.js
eus.rubiconproject.com/ Frame E4CE 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Jun 2021 00:22:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:11:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41688
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Thu, 10 Jun 2021 11:57:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ccpa-service.sp-prod.net
URL
https://ccpa-service.sp-prod.net/ccpa/consent/7443/display-dns?requestUUID=0130254f-42bf-400c-bc96-337d90d66d39
Domain
idx.liadm.com
URL
http://idx.liadm.com/idex/ie/any
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=191040
Domain
api.rlcdn.com
URL
http://api.rlcdn.com/api/identity?pid=2&rt=envelope
Domain
onetag-geo.s-onetag.com
URL
https://onetag-geo.s-onetag.com/
Domain
signal-beacon.s-onetag.com
URL
https://signal-beacon.s-onetag.com/beacon.min.js
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=42796&in=1
Domain
go1.aniview.com
URL
https://go1.aniview.com/api/adserver/tag/?AV_SECURED=0&AV_LANGUAGE=en&AV_URL=http%3A%2F%2Fwww.justjared.com%2F&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=5e85c631d4f76c52fe4651f9&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.justjared.com&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=553496&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1623284553511
Domain
bidswitch-eu.splicky.com
URL
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=28089516-6d3a-4447-b279-e92369718e38
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=42796&in=1
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMFbSGKU0Ksl.eiRobrDDQAA%261117?gdpr_consent=&us_privacy=&gdpr=
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
Domain
prebid-a.rubiconproject.com
URL
https://prebid-a.rubiconproject.com/event
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuC09k3ybMTlLwbbpYQe4r1k-wjdaniSgIiGc2xFl8GaifFDW__49R0kAqbgW4-idVuDvT40SYvmpf_U0RVsemCQcMc2h_rhV6uJ3kJQ0dbCkv9YwoNJE-bClFSEMAj8Bmct6Mvy2ySfzA9Kr1uspW90bNQabT7MqMT86m5qIbOp2u1v8Vy5mBAST855AJWzkTxL5JkWUIrcVV0zOQ5xymkKermCfRydYc_QAco2NJErD4XtBuANYfQYJ4DFbAuS2WJT_HLJcsyGBUmp2nHz1sJgRMuBCuf2_KZjLc9CYIw7jW7eH6GZnMeN3roB8Cr3ge64wbpSxp-uMChuhIlSiaxQMg8OnQ-5YtvbfDBYOVA68D6CQ&sig=Cg0ArKJSzKnlfXl0VBsQEAE&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
prebid-a.rubiconproject.com
URL
https://prebid-a.rubiconproject.com/event
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
prebid.technoratimedia.com
URL
https://prebid.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_3.27.1
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=579236&v=7.2&r=%7B%22id%22%3A%221946e48b2e5d696%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22201d86141a5ca0e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22217d06744cc98d9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.justjared.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22bd45a367-d5fa-4207-9aec-1acba8ec52eb%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Domain
hb.aralego.com
URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-77279BE8BDEE272AFBB39AA837947EAA&tdid=&schain=1.0%2C1!insticator.com%2Cbd45a367-d5fa-4207-9aec-1acba8ec52eb%2C1%2C%2C%2C&fp=undefined&host=www.justjared.com&u=http%3A%2F%2Fwww.justjared.com%2F&xr=0&ucfUid=3fa138d0-5aef-41c7-84b9-ee134eeea7fa&w=300&h=250
Domain
hb.aralego.com
URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-77279BE8BDEE272AFBB39AA837947EAA&tdid=&schain=1.0%2C1!insticator.com%2Cbd45a367-d5fa-4207-9aec-1acba8ec52eb%2C1%2C%2C%2C&fp=undefined&host=www.justjared.com&u=http%3A%2F%2Fwww.justjared.com%2F&xr=0&ucfUid=3fa138d0-5aef-41c7-84b9-ee134eeea7fa&w=300&h=250
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
hb.emxdgt.com
URL
https://hb.emxdgt.com/?t=3000&ts=1623284555389&src=pbjs
Domain
tag.1rx.io
URL
https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=3.27.1,2.1
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMO07tTqx4uh3NMXsYgMN1YKtDBm4Za5JEsHI6akw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F1%2F9.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
ssp-nj.webtradehub.com
URL
https://ssp-nj.webtradehub.com/?c=o&m=cookie
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMFbSGKU0Ksl.eiRobrDDQAA%261117?gdpr_consent=&us_privacy=&gdpr=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEH88QtgS6AcmygxXqWGrFIY&google_cver=1&google_push=AYg5qPJOoOFT8m9S0KkXrDfZN063OcU74kOeaVFVXBzibL00Fr155AwgyYuCqr9_Kfw9fz8P2XBHQ9iThDQzn0JuB9oqxVki3F2c
Domain
gcm.ctnsnet.com
URL
https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJ02VFl5gdEMXU1DnBrPZKc&google_cver=1&google_push=AYg5qPIwcrrx0mDi2McaILOz1-7ucVPXsW81FvxHIgiA-JlGW6oS-TCY1hWLnEypSXv8w-uUgSOk1xtCvTciYoR5H3oCunMJhVrV
Domain
c.eu1.dyntrk.com
URL
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEEajtk1OUtsXs5kIL1E7dv0&google_cver=1&google_push=AYg5qPJpfroZiFM318zOaGoyPDBnWU3NErXImq85mL87QJaXztGYaRXrUdCTKLhkdyxe3ejSwUdKLq8QMglwU-9qj11R5MjDcBfC
Domain
px.adhigh.net
URL
https://px.adhigh.net/p/gm/rub?google_gid=CAESEMZ9nBviPK6jLeD3pdQeLu4&google_cver=1&google_push=AYg5qPIGG11vQSZhdOFcmqJ8FVfS8B9i7rLWBktHazVPqjX4gQ3CFc6joJyLBmBo4a64A540hqpnGbKKNxtso-kOUUilM_NiyHfB
Domain
ap.lijit.com
URL
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJiFQAZFrjgOLtN4pzeR4D8&google_cver=1&google_push=AYg5qPJ_mlerPvXoe-VsaGko554ZIz4hj6CQlaKdglmlF17Kwk6SUjrQ8jKJXeDuiXDpYezdLdH6N7r3JFars2JBYLLQMQYsHzmE
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer function| getOutboundLink object| _comscore object| _qevents function| __tcfapi function| __uspapi object| _sp_ object| _sp_ccpa object| core string| ggv2id number| is_home object| google number| _sf_startpt function| getSelectionText function| is_touch_device function| returnToMobile function| del_cookie object| rScr number| ord undefined| ccScr object| dmScr object| pbScr object| sigScr undefined| dmScr2 undefined| newTarg boolean| mob object| googletag object| ggeac object| google_js_reporting_queue object| google_tag_manager function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| apstagLOADED object| apstag object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _sp_queue function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| __twttrll object| twttr object| __twttr object| FB function| $ function| jQuery object| webpackChunkMediaTradecraft_Template object| regeneratorRuntime object| webpackJsonpDefineSlot object| pbjs function| admiral object| gaplugins object| gaGlobal object| gaData object| headertag string| pubcidCookie object| sublime object| ayads function| 4dm1r11545242527 function| udm_ object| ns_p object| COMSCORE function| pbjsChunk object| _pbjsGlobals object| ggevents undefined| bean object| GUMGUM object| ggData object| __connect function| sublimeOptchk object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| avPlayer object| storageAni object| e9PageData object| Insticator object| insticatorQueue string| embedUUID function| checkAndConfirmEmbedUUID function| embedLoad function| appendEmbedElements boolean| headerTagInjected number| insticator_tg object| InsticatorApp string| insticatorHeaderCodeVersion object| PWT object| instBid object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant function| instBidChunk object| insticatorUserTrackingMessage function| owpbjsChunk object| owpbjs boolean| creativeVendorLibraryLoaded number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| ampInaboxIframes object| ampInaboxPendingMessages

0 Cookies

21 Console Messages

Source Level URL
Text
console-api warning URL: http://www.google.com/jsapi(Line 141)
Message:
Loading modules with the jsapi loader is deprecated. Please load jquery directly from https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js.
console-api log URL: https://cdn.privacy-mgmt.com/wrapperMessagingWithoutDetection.js(Line 1)
Message:
Messaging without detection successfully executed.
console-api log URL: http://d188m5xxcpvuue.cloudfront.net/justjared/main.js(Line 1)
Message:
router:home
console-api log URL: http://d188m5xxcpvuue.cloudfront.net/justjared/95.ead3eb953ad0bf3e9e2d.js(Line 1)
Message:
home: desktop configuration
console-api log URL: http://d188m5xxcpvuue.cloudfront.net/justjared/95.ead3eb953ad0bf3e9e2d.js(Line 1)
Message:
NO VENATUS
console-api log URL: http://d188m5xxcpvuue.cloudfront.net/justjared/95.ead3eb953ad0bf3e9e2d.js(Line 1)
Message:
insticator::insticator_video_jjjr
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/ads-code/2cdf4c71-ad6c-487e-b43a-8f1af912284a.js(Line 132)
Message:
Prepare to load embed: 0eb717a5-edb3-4ba3-8a50-e9f78184d544
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 162)
Message:
dom ready!
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 451)
Message:
topFrame: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 212)
Message:
params: [object URLSearchParams]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 331)
Message:
Cookie enabled, set cookie
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 297)
Message:
session: [object Object]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 407)
Message:
Send pageview now
console-api error URL: http://c.amazon-adsystem.com/aax2/apstag.js(Line 2)
Message:
Error: `apstag.init` was called multiple times with different pubIDs (78a541f2-9748-4ba5-9cda-85fd7a44b234 then 70fb13d1-ab65-42ac-a7ca-0b4e680d5c92)
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js(Line 1)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 212)
Message:
params: [object URLSearchParams]
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 331)
Message:
Cookie enabled, set cookie
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 307)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/0eb717a5-edb3-4ba3-8a50-e9f78184d544.js(Line 1)
Message:
%s EMBED VERSION: 4.5.25.5
console-api log URL: http://d3lcz8vpax4lo2.cloudfront.net/header-tags/2cdf4c71-ad6c-487e-b43a-8f1af912284a/0d973e93-712c-4a2e-965d-e8d79c298b38.js(Line 412)
Message:
formatedPageview: {"timestamp":"2021-06-10T00:22:34.511Z","user_data":{"session_details":{"id":"92a34260-ac4e-48cd-b1c9-a168c1f8f814","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"2cdf4c71-ad6c-487e-b43a-8f1af912284a","page_url":"http://www.justjared.com/","hostname":"www.justjared.com"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"EMBED_AND_AD","integration_type":"HARD_CODE","ads":["div-insticator-ad-1","div-insticator-ad-2"],"embed":["0eb717a5-edb3-4ba3-8a50-e9f78184d544"],"header_code_version":"STANDARD-V_4_0_4-2021-06-09 18:58:06","test_group":"1"}}}
console-api warning URL: http://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js(Line 1)
Message:
fun-hooks: referenced 'checkAdUnitSetup' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
2455700da9952b2a9fdae87e2b8b3ab0.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a.volvelle.tech
aa.agkn.com
aa5208257b043a118cd885646456b3fa.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avads.net
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
antenna.ayads.co
ap.lijit.com
apex.go.sonobi.com
api.britepool.com
api.rlcdn.com
as-sec.casalemedia.com
assets.bly.ch
aud.pubmatic.com
b.scorecardresearch.com
b1sync.zemanta.com
b2c.insticator.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
biddr.brealtime.com
bidswitch-eu.splicky.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.eu1.dyntrk.com
c1.adform.net
campaigns.cembra.ch
casale-match.dotomi.com
ccpa-service.sp-prod.net
ccpa.sp-prod.net
cct.connects.ch
cct.shop.post.ch
cdn.aralego.net
cdn.districtm.io
cdn.privacy-mgmt.com
cdn01.cdn.justjared.com
cdn01.cdn.justjaredjr.com
cdn02.cdn.justjared.com
cdn02.cdn.justjaredjr.com
cdn03.cdn.justjared.com
cdn03.cdn.justjaredjr.com
cdn04.cdn.justjared.com
cdnx.tribalfusion.com
ce.lijit.com
check.analytics.rlcdn.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.insticator.com
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
cookie-matching.mediarithmics.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d188m5xxcpvuue.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dfp-gateway.s-onetag.com
dh014lg6uwepv.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge.quantserve.com
eu-u.openx.net
eus.rubiconproject.com
event.insticator.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcm.ctnsnet.com
geoip.insticator.com
geoworker.ayads.co
get.s-onetag.com
go1.aniview.com
google.ops.beeline.ru
google2waycm.netmng.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idx.liadm.com
ie-lb.gumgum.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.tradedoubler.com
impch.tradedoubler.com
impfr.tradedoubler.com
insticator-d.openx.net
js-sec.indexww.com
js.gumgum.com
justjared.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media1.giphy.com
mediatradecraft-com.videoplayerhub.com
message.sp-prod.net
mug.criteo.com
mwzeom.zeotap.com
odr.mookie1.com
onetag-geo.s-onetag.com
optchk.ayads.co
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.technoratimedia.com
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
px.adhigh.net
px.britepool.com
r.skimresources.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s1.adform.net
sac.ayads.co
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssp-nj.webtradehub.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sulkycook.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
t.myvisualiq.net
t.skimresources.com
tag.1rx.io
tags.bluekai.com
tags.expo9.exponential.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
track.adform.net
track1.aniview.com
tracking.adtracker.ch
tradecraft.s.llnwi.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
vht.tradedoubler.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.justjared.com
www.post.ch
www8.smartadserver.com
x.bidswitch.net
ap.lijit.com
api.britepool.com
api.rlcdn.com
bcp.crwdcntrl.net
bidswitch-eu.splicky.com
c.eu1.dyntrk.com
ccpa-service.sp-prod.net
dmp.brand-display.com
dmx.districtm.io
dpm.demdex.net
gcm.ctnsnet.com
go1.aniview.com
google2waycm.netmng.com
hb.aralego.com
hb.emxdgt.com
htlb.casalemedia.com
idx.liadm.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
onetag-geo.s-onetag.com
p.rfihub.com
pixel-sync.sitescout.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prebid.technoratimedia.com
px.adhigh.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
ssc.33across.com
ssp-nj.webtradehub.com
tag.1rx.io
www.googletagservices.com
104.109.78.125
104.16.68.69
104.17.119.107
104.244.42.136
108.128.8.132
13.248.242.197
139.162.84.221
142.250.185.134
142.250.185.66
142.250.186.66
143.204.98.56
143.204.98.69
150.136.25.38
151.101.113.194
151.101.114.49
151.101.14.49
151.139.128.11
152.199.22.191
154.59.122.79
159.253.128.188
162.210.196.208
162.55.6.212
173.231.180.197
174.137.133.49
178.162.133.149
178.162.133.150
178.250.0.157
178.250.2.151
178.79.242.181
18.157.108.214
18.193.144.52
18.195.155.181
18.196.163.197
18.197.137.147
18.197.54.206
18.198.126.47
18.200.182.178
185.184.8.65
185.29.133.208
185.33.220.243
185.33.221.53
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.64.190.87
185.86.137.110
185.86.137.113
185.94.180.126
192.132.33.46
193.122.174.27
198.148.27.139
199.232.82.2
2.18.232.130
2.18.232.7
2.18.233.180
2.18.234.21
2.19.35.65
2.21.111.28
2001:678:cb4:bbbb::11
202.241.208.100
208.100.17.172
213.155.156.166
213.19.147.45
213.19.162.31
213.254.244.24
216.52.2.39
23.111.9.35
23.45.99.241
2600:9000:2156:6c00:1a:5302:20c0:21
2600:9000:218c:be00:10:3422:3f00:21
2600:9000:218c:d200:1c:386f:ec80:21
2600:9000:218d:1e00:0:bed9:b980:21
2600:9000:218d:600:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:a25
2606:4700:10::6816:1857
2606:4700:20::681a:567
2606:4700:20::681a:78b
2606:4700:20::681a:ad1
2606:4700:3039::6815:c076
2606:4700::6810:5f41
2606:4700::6812:417
2606:4700::6812:c05
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:803::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
2a00:1450:400c:c00::9d
2a00:17c8:0:103::20a
2a01:ab20:0:203::1:245
2a02:2638:1::13
2a02:26f0:6c00:28a::2c79
2a02:fa8:8806:16::1400
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
3.120.68.251
3.123.96.39
3.126.56.137
3.127.92.82
3.216.185.149
3.226.4.134
34.120.133.55
34.120.25.144
34.204.22.100
34.234.30.113
34.238.106.121
34.253.109.165
34.96.87.151
34.98.107.212
34.98.64.218
34.98.67.61
35.156.153.71
35.156.245.144
35.157.116.120
35.157.13.31
35.178.117.251
35.186.193.173
35.186.249.84
35.190.0.66
35.190.59.101
35.190.91.160
35.201.67.47
35.201.96.126
35.205.207.25
35.210.178.101
35.244.159.8
35.244.174.68
37.157.2.237
37.157.2.248
37.157.3.29
37.252.172.36
37.252.173.22
37.9.245.57
5.148.168.135
51.210.112.63
51.83.106.180
51.89.21.8
52.17.151.21
52.17.54.18
52.18.52.16
52.204.206.9
52.208.41.69
52.212.101.97
52.222.174.102
52.222.174.106
52.222.174.113
52.222.174.116
52.222.174.121
52.222.174.42
52.222.174.58
52.222.174.75
52.222.200.121
52.29.29.202
52.44.237.179
52.44.64.106
52.49.238.187
52.73.31.234
52.84.174.32
52.84.186.116
52.94.232.32
52.95.123.167
54.175.176.13
54.228.36.200
54.239.17.112
54.78.251.22
54.85.196.20
69.16.175.10
69.16.175.42
69.173.144.165
70.42.32.127
72.251.249.14
75.2.13.80
77.243.60.138
84.200.5.215
85.114.159.93
87.98.228.78
88.214.206.247
94.130.16.67
02050300780e6994c47fe3f944bc51e3a5d787035030981af5ea662172336fd9
0227dda975a19f769cc8725f63e4c4762774afe3c364cfad1c8c05541ed54b1d
02c6619a43bc679d2d881e6660f49c1f21380e992d2d29513274993202ba150e
03222b73e6aaa024f8d68e53f54ce11b4c282e39f826b6fc47b757a8dd6e8931
03ce331da06be9af85d81ad9b9524c9d1cf2c2f2229eb9e319d53a82ff1b368b
047ee8cbb709a647294dc1d32a0ce0c78c44bcab5ca8ddcc7af4c0d2b2948834
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0544aba21173bcaae55abd61a1b928c9b8406eea1d1f12beb29a84dbdc59def2
058edf53f777d5ee4e6e2003b6b095430e234c6cbf6984cf3ea6cde06d949353
05de65bf444ae8b3ec5193542daa17d1a70b079e38c5cf83953d8d9594f920b9
064da82acd8872a2cc29ecdb3e5256d446b780a1b88f4d0d2e5cafab1cecaaa8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
085ddb2ec0f17b64f0ab2964c9c51f6454e6a07364f91c5619fc28dccf457d2c
0a8f070341d03be263cd2fdf329aca04efaa321be66b35175b84a660e26302bb
0b0f62719efee7a8a3548115ada8f568a54709e7843a6ead1e6032111ae07ea2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cc73e3604e2a59111d602e6bbe0dbd21f1744b38fc78b7eaec321ebdb2907f7
0d99e1e91e57c018b5bd96d7b049f15b275dfb4edd1476098f062adfd00dc32f
0deed1eabc971c7f3736e1c893fff7f5a74d77e54afce1e63265d8fe692faee0
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0ebf8c889620effeddc8a3758961a2e15c5ece40f7e930eaa67095cfd3d43117
0f38cb3352201a843dc2646083934f8c2bccb8d9bcb151d4f0fb8e1333bb0156
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
10e6a052296ced51fb4bfd0013fdd1591f8edc520fe90c96190f95315c23b33a
10eb6332f4978a4ee7ef166e0062d9cf47d49e7e106f4e2bce42e383e7d5a1b7
11f6326c7a1032c3ac85291537cac3bad5d2d9c67f782dee97ce1028b8f789ab
12239f8b546b1ce0302ab54434432c3a553972242a77c3673d592dd254969e21
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
1528e29e532e044bd6cccb9c85dfcfb0254f82afb7781244d41a5941c4d6850d
15c2484e4c9d126e98adc14975ad47a6eb45e20b2a9f05d76412f0d7f84393ee
15c6f028fc7bed8a2002555ab88fb36301567df75157c2ef7af4453c3e80bff1
16600b031f7e2e59efe4b96a23e07fb4a56b411833e73070c1c8b60bc7116cf5
1677ee1b31b47635a448144c8a81b4c5d1835fadcaab9a6c3daf6c3134bc4278
16bb6ec6db7947852c13d789c1c9959ef61443f1249092b76572b441b8574f19
1758358d0928e42c5bbd0a4a4003b82d558ef345ecaf2e5f7d40721f33a07b14
17e77d291e251b4ab9bd530f3c5910b63ceba4d27e50d146c3304fc696172fba
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181653a0bef6a09a09ddab1d7582cf0d8da54b1f13fc7061cd65ae9b335291c6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
198745a1e8c714850d87cbb59efa7858216537ab97735ec5442ed10c3ed4fee6
1b6a1dfd7ef53f1f53eca58b568521540eba3a64849aec9754020bed71b8b44d
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1c80738b8c5bfd2b41093e978f4b094ee8d0d7441685ad2c44b69645dcf387a1
1c8c9ad7a54751bea6faa267ae3edf7bdaab82b822fe8fc76fb3c381ace9974b
1d00f1fcd4a407ed4d34e36f39364195e37ecf56b8cfcb39790d639c8043ba8b
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14
1e7f8330be17f5d9db88adffbbe094b8d50b77f4aad6673263e4965bbf65a947
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fbe70181b89fe91061faebdb0e6be654cb398642e859c006e6642b27ca24905
21128c3efad2be6d3fd0f9d6353b151b6929b8485788bd26da6d35eba65eff85
230f68ea264e64019c582d4e9f21195606ef0e5fe2f55bda216d75d368a2851d
23e0bfaf8050b6d8c737ce4b83c04a828fa6c93df0128580701ff76837eac129
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
2629fc7347f82a42995da8e54b28567c1838b66f0663c92d058cf14114efe534
26a397eb44ac1cf1e0edb58e2b5f9aff7d27cb8422f00e2898c54712d2eff6e2
2730c5c36ad203407cf1083655cdda0ab2c9a8cfb9e3a8363687b444f25011e4
27bb6dfb9f15f7f2b1282311eb59214790162803b2c7e9c6a7f24d7835ea36f9
2a9937c6565c5ac4c13501e4dfdfb028b7f93bfebf5f320058724c5d19e2263f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab3185248b863348abaa3ecb6a683d09150e95d4c5e8d46fed8e36e6982c253
2ba7697530bdd01e695c09b7dd7eca73f878377f6459d3f6126efc1790eb26f7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dbfd358b1763284fdd6f3a91c939364255c32992e33b98434b6765137fb49cb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
2fd8b544304d19a5969ba072dcad5f833205de22050d22ef2af14229434df746
2fe7d4c61b5ff8df86e2f196e838327ce1989b790dfd282b95ad5f76195455b4
30333fcd41679759e25fefcc761f4e98e3ea023dce3eb36b86a15cb1cd90aba7
323ea81b9ff5c91410966fb383641258dc6e254cb3357368f3993ff424d31f5d
33353c853630b0a620dcbd866e2bd49ebcb667b167aa11935934b89560e652d9
336235bd83543a7c33fc68f80b234b0e21b109ea9a3a056f5064be394a35386b
34685fe875aff4e059dd8d9c5e8c402b3c8b0a9e4f8560fea983678c98a2ea6f
350c605abf46fc8368cc3ad01f4059f624cffe7e6cc0aa30387016d3505c4724
357b7a8c6a18c7e4a61f550857c7664a144588923da63b8bb98cfe6f4c50c375
3613cc14c86a302e6123102daddf621174e9442a82f5aebbff8cc63d768ff90e
373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd
387f4c0e19da90565145f8f67b1fcc8e7c1cb7c66178a7677b58ac7fbc9bbbd0
39a2f1f6f32cae16ff5f42922319ccabd7f6c2103fae4ac3e9ee080d86c2b9f6
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3ba5427a680a411847777c424d62ced3acccd3444cc24cf4427ed1b55b08b36c
3cca9f17d14d725b3ea07b4e2561e53dea9e66c124e1032167ff8bfca2fd3b21
3d0e685f99e9414dedf37e0a55f10faf2562d9f4a3f66d47c6ffef8b5b600432
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd3eddc67a3bcd0b6d9785767b3096b2fbeb7f12347dccd755e3cd6be0a712b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3bd411e584342f97dd415f4b53a585b1c7e2a4ff7ce59c152d5df767e5cc91
3fbd2d61930151f20acb5168106d7e0fd1f40f559efbde90f0cea1356ec9cb78
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401889ab4827a00d020ca2b13fe3b57a88acb390f3425faa0a07fb46ef1ea24f
433d5c6da53723f67e11e99c8482d2dd1a5a9a2dd944a4386fcdfb83699553d7
4376199dd0df8fd1a4e4f6654f329ca7520cec6bdd20fbdee7e759aa6a5b6bf4
438546ab319911389625ab2478027cbfbc8d5645c969131055f3ed8b2bd429b4
4557926a05164a4923ff16ce8cc7b2641f8759d34c965860e5264f81d485ee37
4612a731e8965beeb0f6f9d55bbc6ba91b2fd3672296d4561a8d42b502285a6c
4698afeb8a607026f1dc2bd145a6f0c2cbaf8e6ab89f7efed42cc64baf3c0873
46ec1c0e1ab2b8dbad8d5e5a89623be23c5ed0143de6e770d457a877f7a683d5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49120de5d47bd735b7fe51736fde6bfd75dcdadbe3862c7eff507f27214ad6c2
49e327757815dbf393efb44776ae9942d9d90b8c801768483aa8f595ec875378
4dd992ebbb512edbbebaac41f045897500920d34679c12eb15e9949cfde0de44
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
528e08fc0def5fa605cd721a0010d95c9d68da909fec05177095a749cd86a854
52b04ccb62661945ee9f969429d41521a800ee9288acd4cb179f572787edfee7
52ce5a7da55fcf76761b5e98ea2306407267971828dbf86c4fa39562b9fdc194
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5722702001788ee03a5638c5af46828d25917c12659977dd752ae46befd56ab6
579cb7ff98207f29f91bcfc5253508268a1b27b76a05e217c197e0ce5c5c010f
5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691
5c53a8a2e98b1341eb6036cce0609193eee4a04e28c9b0c5e60291b41f8b7fc1
5df98d6a35cd7c205ae498e037904234a71c88620b39747b947a7766f762317c
5e8227bbd60e1f18eb0df4a580d5d84aa082f6b14f7ac2bfc320943ef88b2c04
5eb763740d8b0da04a2b24ae137d482593148ba1aa6110291309e57597d9e14d
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
609b9141f6e3340b6184957498cfa161ac0f3f08af205bcdcd326a76a5d0de0e
61faf69bd293c8013b79cc909ad87baff566039fc340f42324fd1cf8d32f3eb3
62323efc5a606c1754f2900e0a5aca1a51d58b0366f6760808e04b1eacdf32fa
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65784230d0d43d4203897c719df894ffe9277858457c1170dbb29ec202c95d6e
688b9a81997c0b9b2f47f30f4cb93c8eae78107d089650e79f284a331468df90
68b89c1f3ec9e9be7dc91c35dfc3184b2f0d88aaf7764da9f9e1322e047f8345
694c48e9addf53abacbe9e561c7e64063f9359b72246032672aa4317ac9b3e50
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
69c8c56f185d739269fd58b980ceb4801b09c5d688c86a7e10b2df7e1b3ff286
69f4c93036ca13519885c8379e55a9e80c06380a8425a5e0e709aa07febf85bd
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5600aee676958ae62273fbaf8b9738ab097c7caf144bdca2c3f1a22d066a18
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c48053cbfeab2800707c69fc0ebfb27739a4582a6dbcda6bd7e3f098bfe4d72
6c4aa0b188daf9fb45476c3844b6fdb6be6f0d8b090c9be422684c9b94afba45
6ca9c6777086d4cf13e7f288aeae7749e4efcc48aedc9f1f726e8c3536a2854a
6d0198699889967159b2072c7d455ce65720f2443d5bf5b4a95483792c75cbf8
6da7ccdbf9d1666df4d2de4b79578c7b2bd7cf540b7d260710a240dde103db80
6efde964cef044ecb200bd00d433e200456253510af7f4c5f52cc6515e4b7719
70772a7a36ab39e1f8cc319770a5eea261d23326e087c878d390eca09963d83b
708df3aeb30e06153a1d6d797aeae9c15043a2b5d812c5509cc82cbfd03b8972
720f13b16a005bbfddea132ce695e546167d8ab16a88ff5b9ca661ef81740d75
73b4d780445fdef277c6bdbe589971b58d167b3e61027169707758b22542f0fe
7469aebd27c020ddb4e40d58fc2d32536e1a1c23802039426328c4df8494ecc0
74864ac77c343c7a82d64faa1b962645ad5a11cfb177aad9f0fde10d897f4dd5
74b9b19e533f7065894dfd6c92e6751b9f0cdcf89d60ba3e0e880acad4385bde
75620f0ba09738161676e992fa799aebf1ad97407f2d4b49613cf48fcf9b0e19
758620a47e0b78dafa9f84bf31bf7b5286d3ec308898ef9a84210e200e155156
75f82aafde938180a887ba3ae050a79bafc336f879cde0c3a228bef1acea5c89
761c5d128949e6a0a3054e863c31bebc46866ec17538e8f4a6e78257b3864cdb
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7832cdd3678c86f85df323d4ad202f77a487b7314fa86b81a2f38f1f3e5f7946
78642e87f45f1ada5ef49b6a4b15991a30469af14dd93d4948bc6d1bf2d249bf
7bef61f69be3c640d404e119c56ba80044049b57343bd73ee855bd013c33c642
7d3c2e1f4da61db466093443965de518af2a14b288fa9b018623045a8d5cc254
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f33a1fdceb5d9775534fc94fd84f8d0b4ce045f389476680512df4d22bb0f12
81017b77e6b32a8df8203193353169a8871b371dde24cc129fc797af8c3488fc
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857de8f799aa927187faded6d2f45bf0e400a6e58bf5ace81af263ce877ab362
85a703d2d88ceb5a803c601ad8e596579f6864ef5dfc526f196db0f0c5a3b239
85f2debf26ab62202bca8710e8050b38ff8254bc3cca4a9de1318092b8854fd2
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86dac89d5c5493cd385a462d6f46bda95fe9173e2e00d3b1218de845a6671979
88097b976a86b73590125551ac1ac07d2fa2fb0b0663bd0f992a23b8a6e03f9e
8a2214181039daf9d64f6d6d384829027ee15c0fe26f2545c23a7cc1e66f4604
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daf7c4ed794b0b378c601fe12d72033585f350d780fc76bae98e8f38e8b8f82
8eaa3be9055370c233d3df6b3bf088768915c503748caf2cff104298afee9934
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9054a0f7da37d8f7e12911a80a14f72463939cd06b4f566c56eeabfa7396e7cb
913eb8f14d0a12fc4b36e3c42e660450a7a3c1fec874f88c9169a3b89d6b25e3
91e2be63904d1abd904d52a42609b9cd50d63151076585845dbb04bd76ea0357
94fc677e12759a4ff807d8b0939a719f0a978a41386348b63cbcd1ff8df9d4cd
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dd5a9d5052c8f4eb1125b94f04e48a1a89fe3f8b7a27a73b0d3962922bf049a
9e1730f6e3c5de3802debd93767fdba6642db300c757fea46e667dd8915a1f54
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9fcb974930a8b0db6460f66d3ebdb7d96ccd107680d83323057acf8d71011fc0
9fdcf154302a87b6f9cf33033bf07c3c3fc8238794eae4f5faaa478fd23f277a
a023b18f1af391803e0699f5226bc58045e6c3108521b7515f5eb30d9bdccba5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0db99d9da0149da51b9b345ca059f998277fa95e8071b4a24b559926ce7b798
a0f20ea9cf6454114ad642cb1d979414a11e1d56c2664ab01ec1e5db30ef3ace
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a1da6246173632c0bb2f56b9ee26fd9bc6781eb07a380565b9009f8a5fe7a487
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b0958b48c3026a004c84275ce9e83b9a1b7523263adb54336781fad1b5163d
a2dc66b52f38698dd05b7a5a9a1b7a5c9c47a1c9d3dcd80a5381aa2ff6899d7e
a3ca410e2b8bfa703696c31cf30e1ba7009e8f7e13795ed2f024c27af0c27ef8
a49f4d8fadea490054eb1092442ed11701616ec3049199aea3504fd694e1a0e6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4aad772c25f048a20f838024ad793352624f5d64ff8d92d24f8d3e58f3e4683
a55b9272dbfcad8f1c9a7a747b437205c888c8a8b172e35b97880dd129ce4a73
a5ce32dcf9131cc58ef562d6b91fb64929f0d25df7cf26e0e85b06b899df178e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73e34e986dddc00d9e0f27047c88d78aabf6b01387183571d499fcbc8c78d69
a7874b862d1faf089608da188395aac2437dfa955dbe02539d1946f8452eb75f
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
a7933f860e68cec1fb6bc2d7dc4206f21e221aa6c77f4847add0d9e119c88f48
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab5f3bc8c637f3383c8b24b3e5ca63346bd69c52ccf287a9273f3dbb52918d18
ad2cb250bec4215626d326c2dde6c1fe55317ff119df311b5b9a43ca96f1cab8
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
ae62dd075f4359b389158ec0ce732971da832938b5d630a24eb2e89111b00e1b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee7edbcb570cae2ec689ea12a8195acddbdef7396e20f6389bba9f0608b39d3
af32a26ee374d22f4c0d2a8f9e3a1168a79c589e347793082964816c120081c5
af8da32b4d4d06aeeacf4bd5e96a2396c6bf4119de2ddbd14d3b377b4b7ddc83
afb24970f48d7aae6cc543dfed6a1a3df272e2dea2d013eea31110d83db82a19
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1903d716f202ad14f158840dd6e4ef52958acd379830dbda3adce9d356aa05e
b4945da99b055e70afdb05fb9a3aa304058fda95b7998a1934c35dea4171419e
b50836ef88b58e78151f63895b7c478c270b9fd57bc86c41243a757678693440
b56c553700b064ca711e6818f4a7a82f390d5e85d8a697b485fcf305bfe70cba
b6025a4fcefa0b8608fb06afedce99f6c842fb1d67177e771eba9748c8e489fa
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
b95dc288481f0db34071e1681f683696d2f56549eed66d6c995ae3d918f34b9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba375f7380feb84fd63bf9271069dd9eb884dd28cea5f1be7190707d879e156
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bbf7d5f3c51524a743ef6e4208db936c8d47720d7658c98ae6a446a772bb2aaf
bf7a1a088786e44d4f09bd052851d3f39f34cf3aef2a6c9353cac1500a77ee65
c074313895686b0de0ea14df05b7bacfccfe00121314213853bf9ddfadb66e85
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c1e487e44b8b2f105c31c000e8f29cf427da6e1e638ffd5007f7719328055eeb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c221738b15c839ae6859f7d87c8355c0e2c2f7d98825deeee80df4c21ddd3389
c2aee95bc086399f34d2f60ae04f5efd2a638ad35ac0fd4ce279e553fa0696f5
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3c283103a0bb705ab9790249be705c40c8337daf1f0537d5b3cb5fddfb548ec
c499ce33b2a130245a2e37676df8c9197b81c23c90015c00d36aa7d827e5dce2
c53acfba50e5a03627e8be676e2eeffae2acc298353cbb0dc4d0c32317344b1c
c59064803e1f033c94eb2900314d4d3b46755683a6bbb1a0276db67771d6a3b2
c5bec43970e646e700bd0c887bc37944087479b629969427f9fe2916bf5b5754
c6f62e88b9130a1963e3de00810b565fabf02d9834e3e848c640ebda2a9ae6d5
c7cfcde04f4d67f9a622885d416a95614e789602cc0f9007a4ce38e836f1078f
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca3c0fef7c6558b2d0244228980559d778d8b69aab9f81ba102395c8dcc074cc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc0cf471d51fc2e0718ac3d31ab0c1d87aef59b57a6ac44859a2e8cd393ded28
ccffb3d568c9b420f05e8a4d5bd33fa23bed2eba1dae2e67f400ea13e0feadc5
ce228fe909a2d596d995ef8c95991d201dcb87527814d7037b1d07355fa2c257
ce7a06aab85be0d13838baab4aba2530e041c774b93ced51a5a83227cb83c3c7
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
ced8ffd5f64a8d4ada571057bd26b22fe590ae694f624b167e56d5294da8dc6d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf691a260498d64f5fde0f039dab98349d396b6894cac32e22069bc2e7271e84
d05210ec7272a11872150a17e08935aa61052df4a11ed2525a474ddcc950ae27
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
d13e6ca9d1f7d26fa44110e49c9b207f5fc42f0f06203ea23584ff4c1d48bb51
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d210cd0f02c4eb3c200ff32c9d223c4422949783272d0f092eead584c8ea0993
d283fd53639dba4a2b284ccb118167072b939560a747ef179a5f93279ec4260a
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d4dbdcbe094e30b86787917637b30973c02cf2ef25d575c040dc72f3b9ee7829
d533d520a7bc97bbb3f7eb3fdbbe4a9a0e42495c5fd6cd3c0adaec0f07f4dc4c
dc5a281743479dcc6f352b67e5219524b6153d1a73da652498a687e7aa16c81a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf42b32f3d47a09a6bcfc81f79aa31d8efa3a4e3e3311d433d56d77d7fe983f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df2740a669815549f8340f3819359ff7dd7407d6b440bb5f915bb684707059c4
e08b363ca703656b7a31c71270d58fe37b0e8edfe2b581adf59f3cfda4bd86bb
e1e18913c0bfd43458de7afbc1e1b5dad05ceb719f831c5e6b01352c1a753fe1
e1f3ed7e09b0a37d9b832f730bd1341009bb0ddb748f29829b7fb0674175fbc8
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e2923098d7ce3a0e918ad52d744372d02b13498fd6ca6540fb881d0cfffcba10
e2eee82dbc12dbb2736176fd340330e17ae82e29c665dca251d27598c4447e53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6b9a3ebab04f35aa5b3532b44b1d4aba5659fb6cf39a4c1c3008c8f70fe7598
e781beabe50c0ae2715a94f66b19d89cef82ef08a4523946f12cdabe434ae4de
e9249ae527fa7da9d4880430969e7035ead404d1348401f09a95f43911d76613
eadea86431f8599b51b8f9c5fa3b5ac4fefb7e9d6bb0c9fe2280900d86d89d47
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee50d0b272120afdf86764b6dbdce40d5eebaaa5044f36be7924b95a83ad3649
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96
f01de67e61cc8fd53112b8636ffb1d84f5b293b8b866900fd818235ea56df2a3
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f4628b6ab214412067e28526e84a0908da3243cc69654d9a51c296a26bf43aa8
f61b94954d7412fb16b4df2d0296bfcd46546aab0bafa7ee3b400a105e931fef
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf
f69882d53f5ac02ebcc9cec889cb442ffd54a1253137b976c241bf272369aec0
f8350f4c9ccb46bc9d58bf293fbba224ad4da056c1b6cdc13b9128b8558658e5
fa9afed7ba851a289c65ac652091f4e1d660a261a7c8b5ccf5f4e7f2a2b2916c
fba4accd2025c8c3dd6c60596965cac90bc9bb290d43a5a88c70e8659d7b2bbd
fc0a6f4424f099c3b226a62a045f4ba5f1d80f08738ff58cc881371a7862ccd4
fc0fbadd0003a518363a079597843305fcab3a583fc69bb67f352c98e57b68a2
fc1341fdff2e16e13e656d5c06d22406cab87b5e3043bc625db9952afc04f7dd
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fce4d55d2141dd9c259cdca934ff21faf514f6f45f7c025e91b9b5abe699d564
ff8efe03e36fae8294a9f7448f03cd707e09935b213ea2d445efcbcab7370790
ff8f564d49e32a39c6caf2dade2e669daaf3a0a608bcba426ef88eeb10d215d9